[House Hearing, 112 Congress] [From the U.S. Government Publishing Office] DHS ACQUISITION MANAGEMENT CHALLENGES: SOLUTIONS FOR SAVING TAXPAYER DOLLARS ======================================================================= HEARING before the SUBCOMMITTEE ON OVERSIGHT, INVESTIGATIONS, AND MANAGEMENT of the COMMITTEE ON HOMELAND SECURITY HOUSE OF REPRESENTATIVES ONE HUNDRED TWELFTH CONGRESS SECOND SESSION __________ SEPTEMBER 21, 2012 __________ Serial No. 112-120 __________ Printed for the use of the Committee on Homeland Security [GRAPHIC] [TIFF OMITTED] Available via the World Wide Web: http://www.gpo.gov/fdsys/ __________ U.S. GOVERNMENT PRINTING OFFICE 81-129 WASHINGTON : 2013 ----------------------------------------------------------------------- For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, Washington, DC 20402-0001 COMMITTEE ON HOMELAND SECURITY Peter T. King, New York, Chairman Lamar Smith, Texas Bennie G. Thompson, Mississippi Daniel E. Lungren, California Loretta Sanchez, California Mike Rogers, Alabama Sheila Jackson Lee, Texas Michael T. McCaul, Texas Henry Cuellar, Texas Gus M. Bilirakis, Florida Yvette D. Clarke, New York Paul C. Broun, Georgia Laura Richardson, California Candice S. Miller, Michigan Danny K. Davis, Illinois Tim Walberg, Michigan Brian Higgins, New York Chip Cravaack, Minnesota Cedric L. Richmond, Louisiana Joe Walsh, Illinois Hansen Clarke, Michigan Patrick Meehan, Pennsylvania William R. Keating, Massachusetts Ben Quayle, Arizona Kathleen C. Hochul, New York Scott Rigell, Virginia Janice Hahn, California Billy Long, Missouri Ron Barber, Arizona Jeff Duncan, South Carolina Tom Marino, Pennsylvania Blake Farenthold, Texas Robert L. Turner, New York Michael J. Russell, Staff Director/Chief Counsel Kerry Ann Watkins, Senior Policy Director Michael S. Twinchek, Chief Clerk I. Lanier Avant, Minority Staff Director ------ SUBCOMMITTEE ON OVERSIGHT, INVESTIGATIONS, AND MANAGEMENT Michael T. McCaul, Texas, Chairman Gus M. Bilirakis, Florida William R. Keating, Massachusetts Billy Long, Missouri, Vice Chair Yvette D. Clarke, New York Jeff Duncan, South Carolina Danny K. Davis, Illinois Tom Marino, Pennsylvania Bennie G. Thompson, Mississippi Peter T. King, New York (Ex (Ex Officio) Officio) Dr. R. Nick Palarino, Staff Director Diana Bergwin, Subcommittee Clerk Tamla Scott, Minority Subcommittee Director C O N T E N T S ---------- Page Statements The Honorable Michael T. McCaul, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Oversight, Investigations, and Management: Oral Statement................................................. 1 Prepared Statement............................................. 3 The Honorable William R. Keating, a Representative in Congress From the State of Massachusetts, and Ranking Member, Subcommittee on Oversight, Investigations, and Management...... 4 Witnesses Mr. John Hutton, Director, Acquisition and Sourcing Management, Government Accountability Office: Oral Statement................................................. 7 Prepared Statement............................................. 9 Mr. Nick Nayak, Chief Procurement Officer, Department of Homeland Security: Oral Statement................................................. 11 Joint Prepared Statement....................................... 13 Mr. Mark Borkowski, Assistant Commissioner, Office of Technology Innovation and Acquisition, Customs and Border Protection, Department of Homeland Security: Oral Statement................................................. 14 Joint Prepared Statement....................................... 13 Ms. Karen Shelton Waters, Assistant Administrator, Office of Acquisition, Transportation Security Administration, Department of Homeland Security: Oral Statement................................................. 16 Joint Prepared Statement....................................... 13 For the Record The Honorable Michael T. McCaul, a Representative in Congress From the State of Texas, and Chairman, Subcommittee on Oversight, Investigations, and Management: Letter From Chairman Michael T. McCaul to Hon. Janet Napolitano 5 Appendix Question From Chairman Michael T. McCaul for John Hutton......... 33 Question From Ranking Member William R. Keating for John Hutton.. 33 Questions From Chairman Michael T. McCaul for Nick Nayak......... 34 Question From Ranking Member William R. Keating for Nick Nayak... 36 Questions From Chairman Michael T. McCaul for Karen Shelton Waters......................................................... 37 Question From Ranking Member William R. Keating for Karen Shelton Waters......................................................... 38 Question From Ranking Member William R. Keating for Mark Borkowski...................................................... 39 DHS ACQUISITION MANAGEMENT CHALLENGES: SOLUTIONS FOR SAVING TAXPAYER DOLLARS ---------- Friday, September 21, 2012 U.S. House of Representatives, Subcommittee on Oversight, Investigations, and Management, Committee on Homeland Security, Washington, DC. The subcommittee met, pursuant to call, at 9:05 a.m., in Room 311, Cannon House Office Building, Hon. Michael T. McCaul [Chairman of the subcommittee] presiding. Present: Representatives McCaul and Keating. Mr. McCaul. The committee will come to order. I believe this is the 21st hearing this subcommittee has held, which may be a record in the Congress. I want to thank my Ranking Member for being so patient with all these hearings and for your great bipartisanship, and it has been a real honor to work with you. I would say this may be our last hearing, but I do think we have one more that possibly may be scheduled, but it has been a real honor to serve with you. I now recognize myself for an opening statement. Billions of taxpayer dollars have been put at high risk, and multiple key security programs do not fully meet the Department of Homeland Security's needs because DHS senior leadership is failing to hold acquisition programs accountable. DHS's major acquisition programs play a critical role in protecting the homeland. They include surveillance systems, watching for terrorists and drug traffickers along our borders, and machines screening airport passengers for explosives and other deadly threats, among other programs. These programs represent a significant investment for the American taxpayer. In 2011, DHS reported to Congress that its current major acquisition programs would cost taxpayers a total of $167 billion to field in the coming years. Unfortunately, a new report from the Government Accountability Office raises serious concerns about whether the Department is effectively managing these major acquisitions. To its credit, DHS issued a policy in 2008 intended to ensure acquisition programs demonstrate critical knowledge at key points in the life cycle of a program. Such a knowledge- based approach is often used by leading commercial firms and successful programs to mitigate risk and help ensure a sound investment. In essence, the higher the level of knowledge attained at the outset about how a technology is designed and how it operates in real-world environments, the lower the risk to the program and, in that case, the taxpayer. However, GAO found that the DHS senior leaders rarely hold programs accountable to this policy, and out of 49 programs reviewed by DHS leadership 43 were allowed to move forward with developments even though they had not adhered to the DHS's own policy. Out of 71 programs reviewed by GAO, only four adhered to DHS's policy, and over 30 programs had none of the documentation required to demonstrate this critical knowledge. These programs include some of the Department's most important initiatives, such as TSA's Transportation Worker Identification Credential, created to ensure that individuals who pose a threat do not gain unescorted access to our Nation's ports, and CBP's Strategic Air and Marine Plan, intended to help CBP prevent terrorists, drugs, and other contraband from entering the country. This lack of accountability, in my judgment, is unacceptable. Earlier this year, GAO also reported that TSA did not fully follow DHS's acquisition policy when acquiring its Advanced Imaging Technology or full-bodied scanners. Touted as a key security layer, AIT is intended to use cutting-edge technology to identify threats that may not be picked up by magnetometers or other security layers. According to GAO, DHS has approved deployment of these machines without fully knowing TSA's revised specifications. As a result, over 670 machines have been fielded that did not meet requirements that the Department initially determined were necessary to protect the aviation system. Then there are examples like CBP's Secure Border Initiative Network, or SBInet, and TSA's explosive trace portal program, known as the puffers, where taxpayers received little to no return on their sizable investment. These examples are very concerning. It seems like the Department's senior leadership is missing in action when it comes to effectively managing DHS. Why have an acquisition policy if the Department has no intention of enforcing it? A policy, even a good one, that incorporates best practices isn't worth the paper it is printed on if it isn't enforced and doesn't lead to positive outcomes. The results of these management failures are programs that are delivered late, cost more, and do less than expected. For example, costs in 16 programs increased 166 percent in only 3 years. Only one-third of the programs had Department-approved baselines, documentation essential for measuring cost growth. For the two-thirds lacking this documentation, DHS doesn't even have the data needed to measure whether cost growth in these programs exists; and these programs include CBP's nonintrusive inspection systems designed to detect contraband, such as weapons and nuclear materials, and TSA's electronic baggage screening program used to protect the aviation system from threats in checked baggage, among others. The total price tag for these unaccountable programs is about $100 billion. In total, almost all of the programs GAO reviewed faced significant challenges. DHS has initiatives under way to try and improve its acquisition outcomes such as its Centers of Excellence, intended to leverage acquisition, knowledge, and expertise across components, and Decision Support Tool, designed to consolidate key program information to allow DHS senior leaders to make better decisions. But we need solutions now, not years down the road. These issues could result in two options: Fewer resources to protect our homeland now or bankrolling these failures on the backs of future generations. Neither of these options is acceptable. The brave men and women defending our borders, protecting our airports, and patrolling our shores deserve better; and the American taxpayer deserves better. So this hearing will examine why these challenges exist and what DHS needs to do to fix these problems. So I want to also just end by saying, I don't want this to be a ``gotcha'' hearing; I don't want this to be a hearing that points only at failures; I want this to seriously be a constructive hearing to look at and examine the policies and how this committee, the Congress, can help you in doing a better job in protecting the American people. [The statement of Chairman McCaul follows:] Prepared Statement of Chairman Michael T. McCaul September 21, 2012 Billions of taxpayer dollars have been continually put at high risk and multiple key security programs do not fully meet the Department of Homeland Security's needs because DHS senior leadership is failing to hold acquisition programs accountable. DHS major acquisition programs play a critical role in protecting the homeland. They include surveillance systems watching for terrorists and drug traffickers along our borders and machines screening airport passengers for explosives and other deadly threats, among other programs. These programs represent a significant investment for the American taxpayer. In 2011, DHS reported to Congress that its current major acquisition programs will cost taxpayers a total of $167 billion to field in the coming years. Unfortunately, a new report from the Government Accountability Office (GAO) raises serious concerns about whether the Department is effectively managing these major acquisitions. To its credit, DHS issued a policy in 2008 intended to ensure acquisition programs demonstrate critical knowledge at key points in the life cycle of a program. Such a ``knowledge-based'' approach is often used by leading commercial firms and successful programs to mitigate risk and help ensure a sound investment. In essence, the higher the level of knowledge attained at the outset about how a technology is designed and how it operates in real- world environments, the lower the risk to the program and, in this case, the taxpayer. However, GAO found that DHS senior leaders rarely hold programs accountable to this policy. Out of 49 programs reviewed by DHS leadership, 43 were allowed to move forward with development even though they had not adhered to DHS's policy. Out of 71 programs reviewed by GAO, only 4 adhered to DHS's policy; and over 30 programs had none of the documentation required to demonstrate this critical knowledge. These programs include some of the Department's most important initiatives, such as TSA's Transportation Worker Identification Credential--created to ensure individuals who pose a threat do not gain unescorted access to our Nation's ports and CBP's Strategic Air and Marine Plan--intended to help CBP prevent terrorists, drugs, and other contraband from entering the country. This lack of accountability is unacceptable. Earlier this year, GAO also reported that TSA did not fully follow DHS acquisition policy when acquiring its Advanced Imaging Technology or full-body scanners. Touted as a key security layer, AIT is intended to use cutting-edge technology to identify threats that may not be picked up by magnetometers or other security layers. According to GAO, DHS approved deployment of these machines without fully knowing TSA's revised specifications. As a result, over 670 machines have been fielded that did not meet requirements that the Department initially determined were necessary to protect the aviation system. Then there are examples like CBP's Secure Border Initiative Network or SBInet and TSA's Explosive Trace Portal program known as ``the puffers'' where taxpayers received little to no return on their sizable investment. These examples are very concerning. It seems like the Department's senior leadership is ``MIA--missing in action'' when it comes to effectively managing DHS. Why have an acquisition policy if the Department has no intention of enforcing it? A policy--even a good one that incorporates best practices--isn't worth the paper it's printed on if it isn't enforced and doesn't lead to positive outcomes. The results of these management failures are programs that are delivered late, cost more, and do less than expected. For example, costs in 16 programs increased 166 percent in only 3 years. Only one- third of the programs had Department-approved baselines--documentation essential for measuring cost growth. For the two-thirds lacking this documentation, DHS doesn't even have the data needed to measure whether cost growth in these programs exists. These programs include CBP's Non-Intrusive Inspection Systems-- designed to detect contraband, such as weapons and nuclear materials, and TSA's Electronic Baggage Screening Program--used to protect the aviation system from threats in checked baggage, among others. The total price tag for these ``unaccountable'' programs: About $100 billion. In total, almost all the programs GAO reviewed faced significant challenges. DHS has initiatives underway to try and improve its acquisition outcomes, such as its Centers of Excellence intended to leverage acquisition knowledge and expertise across components, and Decision Support Tool designed to consolidate key program information to allow DHS senior leaders to make better decisions, among other initiatives. But we need solutions now, not years down the road. These issues could result in two options: Fewer resources to protect our homeland now or bankrolling these failures on the backs of future generations. Neither of these options is acceptable. The brave men and women defending our borders, protecting our airports, and patrolling our shores deserve better. The American taxpayer deserves better. This hearing will examine why these challenges exist and what DHS needs to do to fix these problems. Mr. McCaul. With that, I now recognize the Ranking Member, Mr. Keating. Mr. Keating. Thank you, Mr. Chairman. Twenty-one meetings is quite a few, and although we have come at many of the issues from different angles, I must say that this subcommittee has, I think, set a good standard of working together in our shared interest in trying to keep our country safe and to do it as efficiently as possible. I think we both share the common thread of all those hearings that we have to do something about the fragmented nature of the way this agency is set up, and in that measure Congress deserves a large degree of the responsibility for going forward with that, too. So I thank you, Mr. Chairman; and I thank our witnesses for their participation. In fiscal year, 2011 the Department spent over $14 billion on goods and services, which was over one-fourth of its budget. Moreover, the Department processed some 100,000 transactions to support Homeland Security missions in fiscal year 2011. Given these large figures, it is crucial for the Office of the Chief Procurement Officer to ensure both rigorous oversight over its procurement policies and procedures and effective communication with key component agency officials and designated personnel. A clear procurement policy from the Department and accompanying guidance to implement procurement procedures are also necessary to avoid instances of duplication and waste. GAO's recent report regarding the Department's procurement oversight initiatives rightly criticized the Office of the Chief Procurement Officer for not adequately communicating with or preparing component agency officials and personnel for completing procurement-related self-assessments or other program requirements, for that matter. I look forward to hearing from the witnesses about the actions of the Department, what they are doing to ensure that the component agencies are aware of what is expected of their personnel assigned and conducted their own personal oversight. I also want to learn more from the witnesses about actions being taken by the Department to prevent future occurrences of noted failed procurement programs, including FPS's risk assessment and management tool, TSA's puffer passenger screening program, and the Office of Health Affairs' BioWatch and SBInet. In addition, I am particularly interested in hearing from the witnesses about the impact that strategic sourcing has had on procurement at the Department and the training and outreach that has been offered to component personnel. Finally, I would be interested to hear what measures the Office of the Chief Procurement Officer has undertaken to protect the ability of small, minority, and women-owned and other disadvantaged businesses to continued competing for contracting opportunities given that strategic sourcing is becoming--is, rather, being promoted across the Department and throughout the entire Federal Government. With that, I look forward to today's hearing and yield back my time. Mr. McCaul. I thank the Ranking Member. Before I introduce the witnesses, I do want to state for the record that over 100 days ago this subcommittee requested information from the Secretary, Secretary Napolitano, on information related to DHS's conferences, to examine that in our oversight functions, just as the GSA had their issues. We have not received a response. We have followed up with a second letter earlier this week. I would like to enter that letter into the record, and I hope the Secretary hears this and responds to that letter. [The information follows:] Letter From Chairman Michael T. McCaul to Hon. Janet Napolitano September 19, 2012. The Honorable Janet Napolitano, Secretary, Department of Homeland Security, Washington, DC 20528. Dear Secretary Napolitano: On April 27, 2012, the Subcommittee on Oversight, Investigations, and Management requested the Under Secretary for Management provide information regarding National and international conferences attended by Department of Homeland Security personnel. This request was straightforward and limited in scope. It asked for information on the name, location, and cost (including reimbursement of personnel) of conferences held in fiscal year 2011 both Nationally and internationally for a sample of the components within the Department. As the third-largest Department in the Federal Government with an annual budget of almost $60 billion, this information should not be difficult to obtain. We asked that the information be provided no later than May 31, 2012. Over 100 business days have since passed and our subcommittee has yet to receive this information despite promises from your staff that the information is being compiled. This is truly unacceptable. The silence from your Department on this issue is deafening. The Department's dereliction in providing this information raises a simple question: What does DHS have to hide on its participation in these conferences? The American people's faith in Government was severely shaken when the Inspector General at the General Services Administration (GSA) reported egregious waste and abuse of taxpayer dollars. Lavish spending on conferences within GSA demonstrated a culture of waste and misuse of power. Our request, made on behalf of the taxpayers for whom we serve, is intended to ensure such a culture does not exist at DHS. Unfortunately, your Department's failure to provide our requested information leaves this question very much in doubt. Upon his inauguration, President Obama pledged that his administration would usher in a new era of transparency. From inadequate answers on DHS's role in Operation Fast and Furious, sidestepping Congress on the administration's policy to allow foreigners, even members of terrorist organizations, into the United States, and failure to provide DHS witnesses at important Congressional hearings, this is just the latest example demonstrating how your Department has not lived up to the important expectation of an open and accountable Government. Finally, if the delay in providing this information is due to difficulties in obtaining it, I question how the Department can be entrusted with managing complex acquisition and procurement programs worth billions in taxpayer dollars. DHS's inability to track and maintain routine data on personnel travel and conferences could be symptomatic of negligence in managing other aspects of the Department that have a direct impact on DHS's ability to protect the homeland. If your Department cannot immediately provide the subcommittee with our requested information, we will explore more formal ways to obtain it. Your staff may contact Dr. R. Nicholas Palarino, Subcommittee Staff Director for Oversight, Investigations, and Management to discuss these issues. Sincerely, Michael T. McCaul, Chairman, Subcommittee on Oversight, Investigations, and Management. Mr. McCaul. With that, let me introduce Mr. John Hutton, Director at the U.S. Government Accountability Office, working for the Acquisition and Sourcing Management team. He provides direct support to Congressional committees and Members on a range of acquisition and sourcing issues aimed at improving the ability of Federal agencies to buy products and services efficiently and effectively. Throughout his more than 30 years at the GAO, he has led reviews on numerous issues, including Iraq and Afghanistan reconstruction and U.S. and Mexico border infrastructure, which I would be very interested to hear about, Mr. Hutton. I am very much interested in those areas. Next, we have Dr. Nick Nayak, who tells me he is pro-Texan. He is not from Texas, but he wants to move to Texas at some point. I think that is what you told me, correct? Mr. Nayak. Right. Mr. McCaul. He is the chief procurement officer at the Department of Homeland Security, and prior to coming to DHS Mr. Nayak served as deputy director for the IRS Procurement. Before rising to deputy director for IRS Procurement, Mr. Nayak served in several high-impact leadership positions in the IRS. While I do appreciate your pro-Texas views, that may not get you off the hook completely from my questions. Mr. Nayak. Happy to be on there. Mr. McCaul. Next, we have Mr. Mark Borkowski--who I have known for quite some time now. We have been down to the border together, and I think he has made great progress in some areas with respect to the border. Perhaps we will hear about that today--assistant commissioner for the Office of Technology Innovation and Acquisition with the U.S. Customs and Border Protection. He is responsible for ensuring technology efforts are properly focused on mission and well integrated across CBP for strengthening effectiveness in acquisition and program management. In addition to being the assistant commissioner, Mr. Borkowski serves as CBP's component acquisition executive. He has also served 23 years on active duty in the United States Air Force, and we sure do appreciate your service in the Air Force. Last, we have Ms. Karen Shelton Waters, who is the assistant administrator for the Office of Acquisition at the Transportation Security Administration. Ms. Waters is TSA's component acquisition executive responsible for managing and overseeing TSA acquisition programs that are deployed to airports Nation-wide and the agency's contracting workforce. Prior to joining TSA, Ms. Waters served as director of the Administrative Services Division for the U.S. Department of Agriculture's Food Safety and Inspection Service. So I want to thank all of you for being here today; and, with that, I now recognize Mr. Hutton for his testimony. STATEMENT OF JOHN HUTTON, DIRECTOR, ACQUISITION AND SOURCING MANAGEMENT, GOVERNMENT ACCOUNTABILITY OFFICE Mr. Hutton. Thank you. Chairman McCaul, Ranking Member Keating, and Members of the subcommittee, thank you for inviting me here today to discuss investment management at the Department of Homeland Security. DHS invests extensively in major acquisition programs to help the Department execute its many critical missions. It is acquiring systems to help secure the border, screen travelers, enhance cybersecurity, and execute a wide variety of other operations. In 2011, DHS reported to Congress that it planned to invest $167 billion in these major acquisition programs. In fiscal year 2012 alone, DHS reports investing about $18 billion. However, we have previously reported that DHS has not managed its investments effectively, and its acquisition management activities have been highlighted on GAO's high-risk list since 2005. Earlier this week, as you know, we issued a new report that focused on the Department's acquisition governance process, and I would like to highlight three points here today. First, most of DHS's major acquisition programs have faced challenges that increase the risk of poor outcomes. Earlier this year, we surveyed all 77 major program offices identified by DHS and achieved a 92 percent response rate, which is quite high. Nearly all responded that their programs experienced significant challenges that have been shown to increase the risk of cost growth and schedule delays. Specifically, 68 of the programs reported experiencing funding instability, workforce shortfalls, or planned capabilities that changed after initiation. Thirty programs reported experiencing all three of these challenges. Because DHS does not have the data needed to accurately measure program performance and outcomes, we used our survey results, information DHS provided to Congress in a recent internal DHS review, and identified 42 programs that experienced cost growth, schedule slips, or both. The second point is that the data needed to help accurately measure program performance is, in fact, required under DHS's own acquisition policies. In reviewing these policies, we found they reflect many key program management practices that can help mitigate program risks. The policies required DHS program offices to capture the critical knowledge at key decision points in documents. This knowledge can provide a foundation for DHS leadership to make better-informed investment decisions and to potentially increase the Department's return on its investments. However, we found, as we did in 2008, 2010, as well as our recent report, that DHS generally has not adhered to this policy. Since 2008, our analysis has shown that DHS permitted 43 of the 49 programs it reviewed to proceed with acquisition activities without fully demonstrating the required critical knowledge. As a result, we found that most major programs lacked reliable cost estimates, realistic schedules, and agreed-upon performance objectives. The absence of this key information really limits DHS leadership's ability to proactively manage its major investments and provide essential oversight information to Congress. DHS officials told us they recognize the need to implement the Department's acquisition policy more consistently, but we believe significant work remains. Our third point, over the past 2 years, DHS has introduced seven major initiatives to help improve the investment management across the Department and address key issues identified in our past reports, including the high-risk report. One initiative, called the Integrated Investment Life Cycle Model, is intended to improve strategic decisions at critical phases of the investment life cycle. Other initiatives are targeted at improving component-level acquisition management, acquisition workforce development, and the development of a business intelligence tool, which is essentially a database to help increase the Department's access to program data and performance metrics. However, how effective these initiatives will be remains to be seen. Each of the initiatives face capacity issues, and DHS is still developing implementation plans. In closing, we have made a number of recommendations to DHS over the years to help improve investment management, including our latest report, and DHS has generally concurred. The Department's recent efforts demonstrate a commitment to improving its investment management. However, it is essential that it take a more disciplined approach moving forward to adhering to its acquisition policies, particularly as the Department must adjust to a period of Government-wide fiscal constraints. Without greater discipline, DHS decision-makers will continue to lack the information needed to proactively manage the major programs, and the Department will continue to run the risk of paying more than expected for less capability than promised. Chairman McCaul, Ranking Member Keating, and Members of the subcommittee, this concludes my prepared statement, and I would be happy to answer any questions you may have. [The prepared statement of Mr. Hutton follows:] Prepared Statement of John Hutton September 21, 2012 homeland security.--dhs requires more disciplined investment management to help meet mission needs gao-12-1029t Chairman McCaul, Ranking Member Keating, and Members of the subcommittee: I am pleased to be here today as you examine investment management at the Department of Homeland Security (DHS). DHS invests extensively in acquisition programs to help secure the border, facilitate trade, screen travelers, enhance cybersecurity, improve disaster response, and execute a wide variety of other operations in support of its critical missions. In 2011, DHS reported to Congress that it planned to ultimately invest $167 billion in its major acquisition programs, and in fiscal year 2012 alone, DHS reported it was investing more than $18 billion in the Department's acquisition programs. DHS acquisition management activities have been highlighted in our High-Risk List since 2005, and our work over the past several years has identified significant shortcomings in the Department's ability to manage an expanding portfolio of complex acquisitions.\1\ We have previously established that a program must have a sound business case that includes firm requirements, a knowledge-based acquisition strategy, and realistic cost estimates in order to reduce program challenges.\2\ These conditions provide a program a reasonable chance of overcoming challenges yet delivering on time and within budget. Earlier this week, GAO issued a report entitled Homeland Security: DHS Requires More Disciplined Investment Management to Help Meet Mission Needs.\3\ In this report, GAO found that while DHS has a sound acquisition management policy in place and has introduced initiatives to address long-standing challenges, DHS's ability to manage its acquisition programs is hampered by the lack of consistency with which it has implemented its policy. This report is the basis for my remarks today. --------------------------------------------------------------------------- \1\ GAO, High-Risk Series: An Update, GAO-05-207 (Washington, DC: January 2005); Department of Homeland Security: Billions Invested in Major Programs Lack Appropriate Oversight, GAO-09-29 (Washington, DC: November 18, 2008); Department of Homeland Security: Assessments of Selected Complex Acquisitions, GAO-10-588SP (Washington, DC: June 30, 2010). \2\ GAO, Defense Acquisitions: Managing Risk to Achieve Better Outcomes, GAO-10-374T (Washington, DC: Jan. 20, 2010). \3\ GAO-12-833 (Washington, DC: Sept. 18, 2012). --------------------------------------------------------------------------- In 2008, DHS issued the initial version of its current acquisition policy--Acquisition Management Directive 102-01 (AD 102)--in an effort to establish an acquisition management system that effectively provides required capability to operators in support of the Department's missions.\4\ AD 102 establishes that DHS's Chief Acquisition Officer-- currently the Under Secretary for Management (USM)--is responsible for the management and oversight of the Department's acquisition policies and procedures.\5\ AD 102 also establishes that the USM and other senior leaders are responsible for reviewing and approving the movement of DHS's major acquisition programs through four phases of the acquisition life cycle at a series of five predetermined Acquisition Decision Events. An important aspect of the Acquisition Decision Events is the review and approval of key acquisition documents critical to establishing the need for a major program, its operational requirements, an acquisition baseline, and testing and support plans. At the Acquisition Decision Events, AD 102 requires that an Investment Review Board (IRB)--consisting of senior managers from various functional disciplines--support the USM and other senior leaders by reviewing major acquisition programs for proper management, oversight, accountability, and alignment to the Department's strategic functions. The Office of Program Accountability and Risk Management (PARM), which is responsible for DHS's overall acquisition governance process, supports the IRB, and reports directly to the USM. PARM develops and updates program management policies and practices, oversees the acquisition workforce, provides support to program managers, and collects program performance data. --------------------------------------------------------------------------- \4\ The interim version of AD 102 replaced Management Directive 1400, which had governed major acquisition programs since 2006. DHS originally established an investment review process in 2003 to provide Departmental oversight of major investments throughout their life cycles, and to help ensure that funds allocated for investments through the budget process are well spent. DHS issued an updated version of AD 102 in January 2010 and subsequently updated the guidebook and appendices. \5\ The Secretary of DHS designated the USM the Department's Chief Acquisition Officer in April, 2011. --------------------------------------------------------------------------- Because DHS invests significant resources developing capabilities to support the Department's mission, our recent report identifies the extent to which: (1) DHS's major acquisition programs face challenges that increase the risk of poor outcomes; (2) DHS has policies and processes in place to effectively manage individual acquisition programs; (3) DHS has policies and processes in place to effectively manage its portfolio of acquisition programs as a whole; and (4) DHS has taken actions to address the high-risk acquisition management issues we have identified in previous reports.\6\ To address these issues, we surveyed all 77 major program offices from January to March 2012, and achieved a 92 percent response rate.\7\ We also reviewed all available documentation of Department-level acquisition decisions from November 2008 to April 2012; interviewed acquisition officials at DHS headquarters and components; reviewed resource plans and DHS performance reports; compared our key acquisition management practices to DHS acquisition policy; identified the extent to which DHS has implemented its policy; and analyzed the Department's recently proposed efforts to address high-risk acquisition management challenges.\8\ --------------------------------------------------------------------------- \6\ GAO-12-833. \7\ DHS originally identified 82 major acquisition programs in the 2011 major acquisition oversight list, but five of those programs were subsequently cancelled in 2011. Seventy-one program managers responded to the survey. \8\ We conducted this performance audit from August 2011 to September 2012 in accordance with generally accepted Government auditing standards. Those standards require that we plan and perform the audit to obtain sufficient, appropriate evidence to provide a reasonable basis for our findings and conclusions based on our audit objectives. We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives. --------------------------------------------------------------------------- In summary, we found that 68 of the 71 programs that responded to our survey reported that they experienced funding instability, faced workforce shortfalls, or that their planned capabilities changed after initiation. Most respondents reported a combination of these challenges. We have previously reported that these challenges increase the likelihood acquisition programs will cost more and take longer to deliver capabilities than expected. Although DHS largely does not have reliable cost estimates and realistic schedules to accurately measure program performance, we used our survey results, cost information DHS provided to Congress, and an internal DHS review to identify 42 programs that experienced cost growth, schedule slips, or both. Further, using DHS's future-years funding plans--which aggregate funding levels to produce total project costs--we gained insight into the magnitude of the cost growth for 16 of the 42 programs. The total project costs for these 16 programs increased from $19.7 billion in 2008 to $52.2 billion in 2011, an aggregate increase of 166 percent. We also found that DHS's acquisition policy reflects many key program management practices that could help mitigate risks and increase the chances for successful outcomes. It requires programs to develop documents demonstrating critical knowledge that would help leaders make better-informed investment decisions when managing individual programs, such as operational requirements documents that provide performance parameters that programs must meet, and acquisition program baselines that establish programs' critical baseline cost, schedule, and performance parameters. However, there are areas where DHS could further enhance its acquisition policy. Furthermore, as we have similarly reported in 2008 and 2010, DHS has not consistently met the requirements it has established.\9\ The Department has only verified that four programs documented all of the critical knowledge the policy requires to proceed with acquisition activities. A number of officials explained that DHS's culture has emphasized the need to rapidly execute missions more than sound acquisition management practices. DHS recognizes the need to implement its acquisition policy more consistently, but significant work remains to ensure DHS has the knowledge required to effectively manage its programs. --------------------------------------------------------------------------- \9\ GAO-09-29, GAO-10-588SP. --------------------------------------------------------------------------- In addition, we determined that DHS's acquisition policy does not fully reflect several key portfolio management practices, such as allocating resources strategically, and DHS has not yet re-established an oversight board to manage its investment portfolio across the Department. Since 2006, DHS has largely made investment decisions on a program-by-program and component-by-component basis. Cost growth and schedule slips, coupled with the fiscal challenges facing the Federal Government, make it essential that DHS allocate resources to its major programs in a deliberate manner. DHS plans to develop stronger portfolio management policies and processes, but until it does so, DHS programs are more likely to experience additional funding instability, which will increase the risk of further cost growth and schedule slips. These outcomes, combined with a tighter budget, could prevent DHS from developing needed capabilities. In 2011, DHS began to develop initiatives that could improve acquisition management by addressing long-standing challenges we have identified, such as funding instability and acquisition workforce shortfalls. DHS has made progress implementing some of the initiatives. As of August 2012, DHS chartered eight Centers of Excellence to bring together program managers, senior leadership staff, and subject matter experts, and created a Procurement Staffing Model to determine optimal numbers of personnel to properly award and administer contracts. However, implementation plans are still being developed, and DHS is still working to address critical issues, particularly capacity questions. Because of this, it is too early to determine whether the DHS initiatives will be effective, as we have previously established that agencies must sustain progress over time to address management challenges. DHS is also pursuing a tiered governance structure that would delegate major milestone decision authority to lower-level managers, but it must reduce risks and improve program outcomes before delegating this authority.\10\ --------------------------------------------------------------------------- \10\ DHS implemented this tiered-governance structure for 14 information technology programs in fiscal year 2011. --------------------------------------------------------------------------- In our report, we made five recommendations intended to improve investment management at DHS: (1) Modify DHS policy to better reflect key program management practices, (2) modify DHS policy to better reflect key portfolio management practices, (3) ensure acquisition programs fully comply with DHS acquisition policy by obtaining Department-level approval for key acquisition documents, (4) prioritize major acquisition programs Department-wide and account for anticipated resource constraints, and (5) document prerequisites for delegating major milestone decision authority. In commenting on our draft report, DHS concurred with all five of our recommendations, and identified specific actions they plan to take to address three of them. DHS stated that the remaining two recommendations--ensure acquisition programs comply with DHS acquisition policy, and document prerequisites for delegating major milestone decision authority--should be closed based on actions taken. However, it would be premature to do so because nearly all of DHS's major acquisition programs lack key acquisition documents and DHS did not provide documentation clearly establishing prerequisites for delegating major milestone decision authority. Chairman McCaul, Ranking Member Keating, and Members of the subcommittee, this concludes my prepared remarks. I would be happy to answer any questions that you may have. Mr. McCaul. I thank you, Mr. Hutton. The Chairman now recognizes Dr. Nayak. STATEMENT OF NICK NAYAK, CHIEF PROCUREMENT OFFICER, DEPARTMENT OF HOMELAND SECURITY Mr. Nayak. Thank you, Chairman McCaul, Ranking Member Keating, and other distinguished Members of the subcommittee. Thank you for the opportunity to discuss DHS's on-going efforts to improve acquisition investment management. I am the DHS Chief Procurement Officer and a career public servant with 23 years of service in the procurement profession. With 9 days remaining in the fiscal year, this is the busiest time for my employees, and I want to wish each of them well as they buy things that protect our great Nation. I am pleased to be joined today by my colleagues, Mr. Mark Borkowski and Ms. Karen Shelton Waters, two of our 14 component acquisition executives who oversee programs within their respective components. I also wish to acknowledge Mr. John Hutton of the GAO. GAO has been a valued partner throughout my tenure at DHS and in public service. Our vision: About 24 months ago, without requesting additional resources, Under Secretary for Management Rafael Borras, in collaboration with all key DHS acquisition stakeholders, including myself, set in motion a number of initiatives to improve all phases of the acquisition life cycle. A primary goal of the initiatives, to establish an acquisition process that reduces duplication and saves money; and you get that done by minimizing program risk and improving program governance and execution. The under secretary first established and then elevated an organization called the Office of Program Accountability and Risk Management, known as PARM, to focus on these three objectives: Minimizing program risk, improving program governance, and improving program execution. In the area of minimizing program risk, it is through PARM's implementation of the Department's integrated strategy for high-risk management that we have more aggressively worked to reduce risk. For example, the Department has instituted one component of that strategy, the Integrated Investment Life Cycle Model, to strengthen the agency's governance of critical phases of the investment life cycle and thus moving toward a sound budget strategy that systematically prioritizes the Department's major investments. In the area of improving program governance, DHS has also established a new component acquisition executive structure, Revised Management Directive 102, and revamped the Acquisition Review Board process to ensure more active involvement of science and technology policy, the privacy office, and other key stakeholders. The new CAE structure is key because it establishes a more logical line of authority between the Department and our components. This allows for uniform implementation of policies, oversight, and decision making. As a result of this change, program managers cannot deviate from an approved strategy. In addition, the Decision Support Tool, a web-enabled business intelligence tool that enables us to identify programs that have deviated from pre-established cost and schedule and performance goals. In addition to that, a quarterly program accountability report also made available to all key acquisition stakeholders throughout the Department. So better business intelligence being provided and consistent information being provided to the entire program management community. In the area of improving program execution, as was mentioned previously, the Department has created--or identified eight Centers of Excellence. That will provide program management offices and front-line program managers with best practices, guidance, and expertise in such areas as requirements engineering, cost estimating and analysis, test and evaluation, enterprise architecture, and program management. Emphasizing continuous and early engagement with industry, a priority of mine for first-time-ever for a CPO in DHS, and that will additionally help us with requirements. In the area of strategic sourcing, we are basically getting a better deal for all the contracts that support our programs. We have increased the use of strategically-sourced contracts supporting our programs by 6 percent. Roughly about 26 percent or $2.8 of the $14 billion is passed through our strategically sourced contracts, saving us roughly about $200- to $300 million a year and a billion dollars since our strategic sourcing program office was stood up. Finally, in the area of acquisition workforce management, we have completed a staffing model. You have got to kind of know how many people you need to carry out all of this acquisition that we are doing in DHS. First of all--and I would just remind everybody--that all of the initiatives that we have in flight now we have done without additional resources, by realigning what we have, but it is very clear in DHS acquisition that we need more resources. In conclusion, we have made progress in improving DHS acquisition and investment management. There is still work to be done. We look forward to our partnership with GAO and Members of this subcommittee as we collectively work to protect our Nation. Thank you again for the opportunity to testify, and I look forward to answering any questions. [The joint prepared statement of Mr. Nayak, Mr. Borkowski, and Ms. Waters follows:] Joint Prepared Statement of Nick Nayak, Mark Borkowski, and Karen Shelton Waters September 21, 2012 Chairman McCaul, Ranking Member Keating, and other distinguished Members of the subcommittee, I appreciate the opportunity to discuss the Department of Homeland Security's (DHS) on-going efforts to integrate all phases of our acquisition process, from the conceptual phase through execution. The acquisition management portfolio, which includes the planning, budgeting, procurement, and program management phases, represents nearly $18 billion of the Department's budget. Ensuring that it operates at peak efficiency is critical to our ability to defend the Nation. I wish to acknowledge the GAO, which has been a valued partner throughout my tenure. Their independent reviews have been insightful and have helped shape our strategy. I also wish to acknowledge my partners from CBP and TSA, who represent two of the seven Component Acquisition Executives (CAE) who are responsible for overseeing several of the Department's major acquisition programs. Mr. Borkowski and Ms. Shelton-Walters have been instrumental in solidifying the CAE structure and improving the quality of the program management discipline. I welcome the opportunity to update you on enhancements to the Department's acquisition management framework. We continue to improve the analysis and rigor for all phases of the acquisition life cycle. We are also using more accurate business intelligence and a more mature governance framework to analyze critical details before authorizing a program to proceed to the next phase of its life cycle. policy Over the past 3\1/2\ years, DHS has strengthened its policy for approving and managing acquisition programs. The second revision to Management Directive (MD) 102 is in the final stages of the approval process with the accompanying instruction and guidance to be developed over the next couple of years. This policy update will help clarify standards for all acquisition programs, improve the effectiveness of governance and ensure that cost, schedule, and performance metrics are more effectively monitored. As a result, the front-line program manager will have clearer, more uniform processes and standards to follow, which will improve efficiency and mitigate risk. structure In addition to strengthening DHS's acquisition management policy, we are also reinforcing our support structure through the creation of acquisition and program management Centers of Excellence (COE), staffed by subject matter experts throughout the Department. The Office of Program Accountability and Risk Management (PARM) championed the formation of eight COEs, which provide Component program offices with best practices, guidance, and expertise in such functional domains as cost estimating and analysis; requirements engineering; test and evaluation; systems engineering; program management; accessibility; and privacy. In addition, as a result of this effort, DHS has developed guidebooks offering practical direction on such issues as acquisitions planning, requirements development and market research. This initiative addresses a GAO recommendation to enhance program management capability, integrate best practices across components, and proactively address program gaps before they become major issues. To date, the COEs have engaged with over 78 percent of the Department's major programs and we expect that all programs will access COE services in fiscal year 2013. more uniform governance framework As mentioned earlier, the new CAE structure establishes a more logical vertical line of authority between the Department and the components. This allows for uniform implementation of policies, oversight, and decision making. As a result of this change, program managers cannot deviate from an approved strategy unless they receive authorization from the designated decision authority. For major programs, designated in accordance with MD 102-01, this decision authority rests with the chairperson of the Acquisition Review Board (ARB). We have convened 120 ARBs since MD 102-01 was established. This uniform framework has been well-received by many components who had been seeking a more disciplined approach to program management and has resulted in better oversight and better performing programs. Since the governance framework was solidified, several high-risk programs have been directed to make adjustments before proceeding to the next Acquisition Decision Event (ADE). A number of components have flourished under this new framework and are considered models for others to follow. For example, CBP implemented a single Acquisition Policy and Process Guide; developed a governance structure that simplifies and reduces the number of redundant reviews; instituted a long-term, multi-year strategy for acquiring and supporting capabilities and developed a Program Analysis and Evaluation capability. Likewise, TSA has appointed an Assistant Administrator for Acquisition who serves as both the Head of the Contracting Activity and the CAE. This realignment provides improved efficiency by establishing a single authority that is accountable for program performance. Both the TSA and CBP CAEs work collaboratively with PARM to ensure the efficient execution of all major programs in accordance with DHS policy. enhancing business intelligence and acquisition management Through these enhancements, DHS is reducing risk by implementing improvements in its program management tools. The primary method of monitoring programs is through the Decision Support Tool (DST) became operational in October 2011. The DST is a web-enabled business intelligence tool that provides a central dashboard for assessing and tracking the health of major acquisition programs, including key indicators such as cost, funding, and schedule. The DST has yielded dividends by identifying programs that have deviated from pre- established cost and schedule performance goals, which are generally recognized indicators that predict the probability for success. In addition, the Department recently piloted Joint Functional Portfolio Reviews to aid in business, financial, and programmatic decision-making across the acquisition life cycle. conclusion While work remains, the Department has made significant strides in improving acquisition management for the Department's portfolio of major programs. DHS has worked diligently to improve its acquisition processes while shifting the decision-making paradigm to the use of more empirical evidence and support programs throughout their life cycle. These efforts have produced more effective governance and significant improvements to current and future acquisitions. Thank you again for the opportunity to appear before you and I look forward to your questions. Mr. McCaul. Thank you, Dr. Nayak. The Chairman now recognizes Mr. Borkowski for his testimony. STATEMENT OF MARK BORKOWSKI, ASSISTANT COMMISSIONER, OFFICE OF TECHNOLOGY INNOVATION AND ACQUISITION, CUSTOMS AND BORDER PROTECTION, DEPARTMENT OF HOMELAND SECURITY Mr. Borkowski. Good morning, Chairman McCaul, Ranking Member Keating. I appreciate the opportunity to be here and talk to you about how we see acquisition management and its trending as we go into the next couple of years. We have discussed a lot about initiatives and specific initiatives. One of the things I would like to focus on a little bit as I get started here is the context of those initiatives, because I think that is very important. They are not a loose connection of things that people made up. There is actually sort of a holistic approach to a problem that those represent attacks on. So I would like to focus on a couple of the areas that occur to me as I look at our acquisition programs and talk about how these initiatives support this holistic sense. First of all, when you come into a program like we have come into, you have to struggle with a balance between past, present, and future; and what I mean about that is many of the programs that you cited, many of the programs that we are dealing with were, frankly, established in the absence of discipline. They were established with heroics and energy and commitment but not necessarily with supporting infrastructure, processes, tools, and skills. As I am sure we all know, if you move quickly on the wrong path, you get to a bad place faster. So, frankly, a lot of what we are dealing with is the how do I get out from under that bad place? But we don't want to forget as we do that that we don't want to be in that same bad place in 2 or 3 years. So I think it is important to understand that these initiatives are focused on two things. One is, how do we deal with the fact that we are in a bad place? But, also, how do we make sure that my successor doesn't have the sleepless nights and the headaches that I am having so that they are not in a bad place in the future? We shouldn't forget about that as we go forward. You mentioned SBInet. We were in a bad place. Sometimes being in a bad place requires stopping and starting again from scratch. Other times, it requires less drastic measures, but we are working through that. These initiatives are designed to help us with both the bad place and making sure we are not there in the future. The second thing I think is important to discuss is risk management, and that term has been used several times already in this hearing. First, I think it is important to understand there is a very specific definition of risk management. We use the term very loosely, but in my business there is a well-understood, well-established definition, and the definition of risk is the combination of the likelihood that something bad will happen and the severity of the consequence of it if it does. So if you have a low probability of something bad happening, and even if it does happen it doesn't matter, that is low-risk. If you have a high probability of something bad happen, and if it does it will be really bad, that is high-risk. Then you have got this kind of in-between, tough-to-handle area where you have a high probability of something but it is not a big deal or a low probability. So that is risk management. I go through that because what is important to me is to remember that there is no such thing as a program with no risk. We don't have the resources to have no risk. So acquisition and program management is all about identifying, quantifying, and deciding as a community what risks are reasonable, and understanding that, even if that decision is rational, we may still lose the bet. We might say it was reasonable, and we need to reward prudent risk-taking. Part of the problem we have had in the past is that we have taken risks without knowing that they were risks, without transparency between the components and the Department and Congress about we all agree that that is a reasonable risk to take. Many of the initiatives and tools we are talking about are tools that help us make sure we all understand the risks, we are transparent about the risks, and we can reinforce the program managers who we have asked to take those risks as they proceed. The third thing I think that is important in context is the role of the program manager. This is the person who is actually on the point. We are a support structure to program managers. But, ultimately, programs will succeed or fail based on the skill, competence, talent of the program managers. Many of our initiatives are designed for us to grow program managers. Because, frankly, we have asked many people to perform in this role who we have not given the tools and the support to perform. That is clearly on us. Many of the initiatives that we have talked about here are focused on helping strengthen the program manager, either by developing training or by reinforcing them with access to things like Centers of Excellence and other executives who can support them. So those are kind of three big contextual issues under which I think it is important to evaluate this portfolio of initiatives. From the perspective of CBP and the portfolio I have, we have valued and benefited from these initiatives as we have gone forward. We have augmented them with our own initiatives. We believe that they give us a much brighter future, and we appreciate the committee's support as we deal with the bad stuff that we are trying to dig out from under at the same time. So I look forward to the committee's questions, and I appreciate the opportunity to be here. Mr. McCaul. Thank you, Mr. Borkowski. We certainly recognize you didn't create all these problems that I identified. I appreciate your insight and expertise to resolve these problems. It is very important not only to the Congress and the DHS but to the American people. Ms. Waters, you are now recognized for your testimony. STATEMENT OF KAREN SHELTON WATERS, ASSISTANT ADMINISTRATOR, OFFICE OF ACQUISITION, TRANSPORTATION SECURITY ADMINISTRATION, DEPARTMENT OF HOMELAND SECURITY Ms. Waters. Good morning, Chairman McCaul, Ranking Member Keating, and distinguished Members of the subcommittee. Thank you for the opportunity to appear before you today. As you may know, the Transportation Security Administration's Office of Acquisition is headquartered in Arlington, Virginia. OA is a mission-focused adviser for planning and managing TSA's acquisition programs and procurements, and our portfolio includes 34 designated acquisition programs. In addition, we manage the acquisition workforce and we provide day-to-day support to TSA's acquisition program managers for a wide range of critical acquisition-related processes. I serve as the assistant administrator for acquisition, and I function as the head of the contracting activity, or HCA, as well as the component acquisition executive, or CAE. Our acquisition portfolio includes six level 1, five level 2, and 23 level 3 programs. Level 1 programs consist of life- cycle costs in excess of $1 billion, level 2 in excess of $300 million, and level 3 programs are budgeted at $300 million or less. Among TSA's level 1 programs are the passenger screening program Secure Flight and our electronic baggage screening program. Two examples of level 2 programs include the National Canine Program and the Security Technology Integrated Program. The office assists program managers in developing acquisition strategy and program planning. This assistance is delivered through services such as assisting in preparation and review of acquisition documents, including acquisition plans, mission need statements, operational requirements documents, analysis of alternatives, and life-cycle cost estimates, to name a few. Our office operates a training program for TSA program managers and staff, covering topics such as acquisition planning, source selection, risk management, writing of statements of work, and logistics. We provide program offices in acquisition functional areas of program management, requirements development life-cycle cost estimating, test evaluation, systems engineering, acquisition planning, and certain procurement-specific areas. We also staff a small business office that promotes initiatives to maximize the use of small and disadvantaged businesses to meet TSA's needs. My responsibilities include ensuring programs throughout the organization follow GHS and TSA acquisition policy. We use a program scorecard to assess programs in terms of cost, schedule, technical performance, planning, execution, and risk. In addition, we conduct quarterly assessments of TSA's acquisition programs, which are presented to senior leadership. For each of our level 3 programs, decisions occur at TSA's acquisition review boards, or ARB, which are attended by assistant administrators or their representatives from across TSA. By centralizing CAE and HCA functions with the Office of Acquisition, TSA receives the benefits of enhanced collaboration, integration, and reconciliation in supporting its acquisition programs. I maintain a collaborative relationship and coordinate with my counterparts at DHS regularly. Our offices use similar and sometimes shared databases and systems to monitor and manage the acquisition performance. The Aviation and Transportation Security Act, or ASTA, provides TSA with statutory authority to enter into and perform such contracts, leases, cooperative agreements or other transactions as may be necessary to carry out the functions of the administrator and the administration. Other transaction agreements establish a set of legally enforceable promises between TSA and the recipients; and OTA is not a procurement contract, grant, cooperative agreement, lease, or loan. TSA uses OTAs in many instances, such as for the advanced surveillance program that provides Federal dollars to airports to install closed-circuit cameras to monitor sensitive areas and the electronic baggage screening program that funds airports' facility modifications to accommodate checked baggage and section systems. The TSA Office of Acquisition is committed to developing, implementing, and reporting acquisition metrics that coincide with TSA's mission and vision that are timely, realistic, and accurate, and that will drive informed and effective decision making by TSA leadership and management. Thank you again for the opportunity to appear before you today. I look forward to answering any questions you may have. Mr. McCaul. Thank you, Ms. Waters. Mr. Hutton, I just want to thank you for your excellent report and work identifying the problems and trying to identify solutions to those problems. I remember I used to think that the Secretary of Homeland Security should be somebody with like our background, a prosecutor, law-enforcement type. Then I thought, no, maybe a general, like some military guy that could really run a tight ship, you know, would be perfect for that job. But more and more I am starting to think that what we really need is a business leader at the top, somebody that, when I look at the problems of DHS and how to fix DHS, so many of these issues are management-related more than anything, acquisition-related or management. I will leave that for the next President, whoever that is, to make that decision. But, you know, I think like Steve Jobs, who was just brilliant in terms of business, if he was looking at his latest version of the iPhone and suddenly it cost 200 percent more than they thought or he had cost overruns or it was delayed, they were going to announce it was going to come out in September but it didn't come out until like 2 years later, you know, in the private sector this just wouldn't--and I understand this is a different animal than the private sector, but that would not fly in the private sector. There were these 2008 guidelines I think DHS, you know, put forward which were good--and I think you identified that, Mr. Hutton, in your report--and yet the Department doesn't follow it, for some reason. So, Mr. Hutton, let me just go to you first. If you could just tell me what you--if you could just simply identify what you perceive to be the problem, what you would also put forward as the fix to this problem. Mr. Hutton. Thank you, Chairman. There is a number of points I think I could make on this. One, you referenced the private sector and what would the private sector do. The thing I would point out is that a lot of the processes and the steps and the decision points that you will see in the current directive is really based on commercial practices, and it is all about also managing risk. The private sector will at the early stages decide what kind of portfolio of projects they might want to take on, and they may have varying risks, but they have constant revisiting at early decision points: What do we know about these risks? What is it going to cost? You kind of winnow down over time what they think is executable and what is going to help the bottom line of the company. But it is based on knowledge, it is based on stakeholder involvement, that could be the chief financial officer, business people. So the process is set, and you are asking about the execution. The way I see it, that 2008 directive was a real important first step, and I say that because some of these requirements were, in fact, in place before 2008. They required a lot of this knowledge-based approach. In fact, we issued a report in 2005 that said even what they had in place then resembled the knowledge-based approach largely, and it was all about execution. I think why I say 2008 was important, because what they did was try to come up with a common lane which would explain what they want the components to do and how to do it, and they worked very closely with the different components to adjudicate a lot of comments, get a lot of understanding, a lot of conversations, and so it ended with that particular directive. But I think that was a real important step, because now everybody is talking a common language and I think should have a good understanding of what the requirements are. Why is it not being implemented? I would say largely there were some capacity issues. I believe around the 2008 time frame you had the Acquisition Program Management Division and the cost--they set up the Cost Analysis Division. I think you might have looked around, 8 people, 9 people. I believe 4 years later they are up in the stages of shooting towards roughly 55, and these are folks that are going to help manage the process through the Department, help provide cost-estimating support. So I think capacity was one part of it, but I also think it is leadership and having someone at the USM's level that will drive the process and insist on adhering to the governance process, and I think our work has shown that since January we are hearing more and more of the desire to do that. Mr. McCaul. It is good news. Just, you know, 4 years later now suddenly the light bulb is on that, gee, we had a solution to this that was set forth in a directive 4 years ago, and now we are thinking about implementing it. But it has been 4 years. So I guess to the other witnesses--and I know, Ms. Waters, you just came on board in March, so it may be unfair to pick on you. But, Dr. Nayak, can you speak to why this has not been implemented and why it has taken 4 years to finally get this idea that, gee, we came up with the solution 4 years ago that may work, and now we are just finally starting to implement them? Mr. Nayak. So happy to add to what Mr. Hutton shared. You know, look, I have been here for a little bit less than 2 years and I think Mark a little bit more than that and, obviously, Karen is new to her role. So it could possibly be if we used 4 years as the marker for that transition, you need steady leadership over time, and we have had it, and now we do actually have the results, as Mr. Hutton shared. A couple things I just generally want to share with you sort of on a positive note and all under the heading of acquisition, generally speaking. GAO recently issued in this month, I believe, a report on management integration, one on procurement oversight at the Department, as well as this report that we are discussing today. Lots of positive news in the management integration report about the things we are actually doing, the things we are executing against that 2008 directive that we have revised. Procurement oversight I think was one of the better GAO reports I have ever seen, and that is really in my wheelhouse we have enhanced procurement oversight. In investment management in this report, we recognize, as Mr. Borkowski pointed out, there is clean-up to be done, and we are doing that. So we have been living it for the last 2 years. It kind of starts out with the Integrated Investment Life Cycle, which essentially is going to have at the front end like a joint requirements body fed by sort of functional information that cuts across the components so that in the front end of acquisition we are going to be discussing commonalities and what major requirements should actually become programs eventually after looking across the enterprise of what we already have as well as even what other agencies have and DOD has. So you won't ever get programs birthed without being fully informed. That is the first thing. But on the back end, where we have lots of clean-up to do in the acquisition review sort of world and our more than 500 programs, 127 major programs and what we classify as level 1 and level 2, about 40 of each of those, we have lots of things in flight and are actually getting results. So just, for instance, because it has been mentioned here, do we have enough credible cost estimates? Well, we didn't in the past. Is it increasing? The answer is yes. Do programs go through ARBs and are they ever delayed? Are they ever stopped? The answer is yes. So we are forcing, first of all, a common language so everybody across the Department now is informed about program information, the same information through the DST, through the quarterly program acquisition report, and also Congress is through our comprehensive acquisition status report. We are more transparent than ever about everything that is going on with our programs. Meanwhile, we double back behind to do the clean-up work while also making sure no program gets birthed unless it goes through this Integrated Investment Life Cycle. So I am pretty confident that moving forward that we need time to just execution, and we are doing it today. So it is not like we are saying we need 2 years to begin execution; we are executing right now. Mr. McCaul. I think that is the good news. The bad news is you are still on GAO's high-risk list, despite all this good news. Mr. Borkowski. Mr. Borkowski. Yes, I would just like to also highlight there is a difference between knowledge management and documentation. See, that is part of the challenge here, right? So you mentioned STAMP. STAMP, we believe, has the knowledge management, but it is not documented in the appropriate format. So the question we have--and this is part of that balancing past and future--do we go back and capture that knowledge management in the now current formats or do we accept that the knowledge management is complete? Another I think that you might find intriguing is that, in the case of SBInet, that scored very highly in terms of the documentation complete, and yet we know what the status of that was. So as we do that balancing between past and future, it is very important we get in a common language. Because one of the problems that the Department has with STAMP is, okay, we have to spend all of this time confirming knowledge management. If we had had it in the right format, that would have been nearly the lift it is. But I think that is important as we look at digging out as opposed to going forward. It is very important to have a common language, but let's not confuse knowledge management with documentation. Mr. McCaul. Ms. Waters, do you have any remarks? Ms. Waters. No, thank you. Mr. McCaul. Okay, you are very smart. Mr. Hutton, it is my understanding that, in terms of procurement or acquisition, that it is still very siloed within the Department in terms of the 22 different components coming together. They are not really brought together; is that correct? Mr. Hutton. Well, if you take it from the point of view of program management and the large acquisitions, I would say that they are breaking down some of those silos. Because what they have done is the program accountability and risk management group, they moved it up under the under secretary of management, and they now--and then they established a component acquisition executive. So now you have a link between the Department-level governance process and the component level to work together to ensure that the Department's requirements are being met, and then folks like Mr. Borkowski will work within the component so that when they are going to an investment review meeting that through his great work he is going to ensure that they do have the knowledge and they do have it properly documented. I will just say, documentation is important, though, because it has to go forward for the Department. The Department is buying off on these large investments, many of them that are going to cost--you know, go out 20 years, cost billions of dollars, and you have to know when you are approving those programs at the start that you are making that commitment. Because if you don't know that, you may end up at a point in time where you start managing so many programs and the budget is forcing decisions where you start adding this funding instability and other things that we talk about which then starts creating problems for the program managers to be able to execute their program. So I think the documentation provides that added buy-in from the Department but it also facilitates some accountability as well. Mr. McCaul. Yeah, I think you make a good point. I mean, I can see how, you know, somebody in the Department is like, I have got all this paperwork I have got to do, and they think it is kind of cumbersome, burdensome, and not necessary. But when you are talking about particularly these level 1 programs, they are billions of dollars, and in the private sector I think that they would certainly have, you know, I think paperwork that would have to be completed. So from what I am hearing from you, though, these silos are not--there is a merger now in terms of acquisition policies is what you are saying that is happening? Mr. Hutton. Well, from my view, now there is more communication. I think there is better understanding. In our survey--and I would recommend everyone take a look at our survey in the back of the report. It was an outstanding survey. The 77 major program offices that we surveyed had a 92 percent response rate, but there are a whole bunch of questions in there that give a reflection of the program manager's view, the program office's view of their initiatives that they are undertaking now, what they think about PARM's role. PARM actually got--and I am not saying that as I am surprised--but they actually got some pretty high scores in terms of familiarity with what PARM is doing and also what value they think PARM is bringing to the programs. This is fairly recent, and that is why I think our survey was really like a health assessment. Dr. Nayak has a nice health assessment for his procurements. But if people go into that survey, there is a lot of questions that aren't really teased out in the report, but it is going to give you a good insight of what the ones that are on the ground trying to make these programs work, what they think about the Department's requirements, the Department's initiatives, and things like that. That said, I do want to make one point, though, sir. In January 2011 is when we kind of started really working, you know, back and forth for the Department in their efforts to get off the high-risk. We submitted five outcomes to the Department in the acquisition management area back in September, 2010. January, 2011, the Department came out with a strategy to get off the high-risk which includes acquisition management. That strategy was about 55 pages, and we had some feedback to the Department where we thought that strategy could be improved. They have had subsequent 6-month period strategies. They are now at a strategy--not saying more pages is better--but they are at about almost 300 pages in their current strategy, but they are starting to better link the outcomes that we expect them to take as to the root causes of why they haven't done it in the past. So I think that back and forth has helped a lot in promoting this. But one of the major features is its Integrated Investment Life Cycle Model. That was introduced in January, 2011. What is a little concerning to me is that when we surveyed the program offices 32 of the 47 of the program offices--and this was a response in January, March of this year--said that they really weren't too familiar with it yet. So I think if you are going to drive this down through the organization I think it is imperative that they keep talking and communicating. Yes, it is not fully developed yet. They are working through a lot of different things. We are open-minded about the approach they are taking. We want to see it play out. It is their solution. But we think communications with the components and constant interaction will help create a better likelihood of a good outcome in that effort. Mr. McCaul. It is an actual point that they still remain on the high-risk list. Are you optimistic that DHS will be off that list in the future, near future? Mr. Hutton. Sir, for context, DOD has been on the high-risk list for acquisition since 1992, the Department since 2005. We are talking--as Dr. Borkowski said, these are very complex systems. It is a lot of money. It is a lot of inherent risks. You take it back to the need to go through a knowledge- based approach. You are not going to get perfection. Even with the best knowledge-based approach, it comes down to individual decisions you make at each point in time along the way. So I would say that given the fact that they have so many programs without a lot of the foundational documents that is going to allow them to have the insight to make those good decisions, given that they have to get those developed and also approved by the Department so they know what they are buying and what capability they are buying. Mr. McCaul. I appreciate your kind of relationship in view of this. It is like a diagnostic test, almost like a doctor would make an analysis on your health. You are not doing quite as well, so you are on the high-risk list, but here is how you can get off of it. I think that kind of relationship working together is the productive way to move forward and get off the list, and hopefully I can share in your optimism at some point that they will be off the list. Last point, because I am taking a lot of time, but I can, I guess. It is just the two of us. Mr. Borkowski, I can't let you go without asking you about one of my favorite issues, and that is border technology. You and I went down there and looked at some DOD assets technology; and I still think, given these budgetary constraints we live in, that--and Mr. Cuellar and I talked to the generals in Afghanistan and Iraq about transferring some of this technology and leveraging existing technology within the Federal Government that we have already invested R&D money into. It is nothing. You don't have to recreate this stuff. I know you have some good news on that front, but I want to give you an opportunity to maybe talk a little bit about that issue in terms of what you are leveraging and where do we stand at this point in time with respect to the border and the technology initiative? Mr. Borkowski. Well, very quickly, we have built a much stronger real-time relationship with various elements of the Department of Defense that are helping us through this. So we are aware of the availability of all kinds of technologies, everything from nonintrusive inspection systems to aerostats to hand-held--you know, long-range night-imaging information. We have received a whole inventory of those things. I have sent teams out to Army depots to survey what is in that inventory and prepare to perhaps lay some claim to some of those things. For some of the systems, in particular aerostats and the towers that support them, we have actually worked with the Department of Defense to evaluate those systems on the Texas border in August. We actually had two aerostats and two towers. What we find, by the way, is that these things are very effective systems. What we are evaluating is what do they actually cost for us, what do we have to do to train our people. We want to make sure that we don't go into this without complete knowledge. Again, it is knowledge-based. We don't want to do the SBInet thing with the DOD technology. We want to make very clear that as we go into using this technology we are aware of what the complete bill will be. I will tell you that, particularly for those aerostats, very effective. So we are in the process of evaluating those results, making some trades with cost, looking at the inventory of things that the Department of Defense has that are oftentimes more modest things. In fact, the relationship is such that the Department of Defense--the Pentagon is a couple of blocks from my office--has actually left some of these things in my storage room so that we can actually try them out that way. So I think the relationship is getting better. I do want to be a little cautious. We do need to do some cost evaluation to make sure we can actually afford them, but it looks very promising. Mr. McCaul. That is good to hear. I got a phone call from Commissioner Aguilar actually updating me on the aerostat program, and specifically in Texas, and I just actually want to say how much I appreciate getting that phone call. I thought that was a real positive step to say, hey, here is some good news of what we are doing on the border. Are we still looking at--yeah, I think the fence is up, you have got more personnel, we can always use more resources. But when I hear it is going to take 10 more years to secure the border, that just didn't go over well with my constituents. Where are we right now? Mr. Borkowski. Well, with the Arizona---- First of all, the DOD systems--the DOD systems, the way that we are currently looking at them, they give us an opportunity to put some deployments, a shot in the arm in areas that the Arizona deployment doesn't cover, right? So we are still planning to do the Arizona deployment, but, as you recall, the rest of the border was intended to follow that. We reserve the option working with you to change that. We are seeing things, for example, going on in southern Texas that concern us, but, right now, the plan is to buy the things for Arizona and then extend beyond that. So one advantage of this DOD interaction is it may give us systems outside of Arizona more quickly than we thought. Having said that, the Arizona plan itself, many of the smaller systems have been bought. Those agent portable surveillance systems which we went and looked at down in Laredo, we have 15 of those in Arizona. We have been using them, continue to evaluate them. Mobile surveillance systems are coming on-line. We have been doing some testing with the vendors, but that is about done. Those will come on-line. The two big items that people spend time on are the remote video surveillance system cameras--those are day and night cameras that go on towers--and the integrated fixed towers, which are cameras and radars tied together in areas. Both of those are in what we know as source selection. We have sent out requests to industry for proposals. The bids have come back in. The remote video surveillance system is coming close to the end of that process. We have to evaluate those. The integrated fixed towers will take a while. Now there is a good news/bad news to that. We got so many more proposals for that than I have ever seen in my life, and it takes a long time to do due diligence with those proposals. So I am very, very pleased by the number of proposals that we have got because that suggests that all the communication we did with industry on--it is nondevelopmental. It doesn't have to do everything. If it does a lot and it is a good deal, that is good enough. It seems like that worked. The downside of that is I have just got to slog through all of those proposals. But we do have the proposals in. We are in the source selection process for those. Mr. McCaul. I do think those integrated fixed towers are really going to transform the security down there on the border. I agree. I mean, I sort of empathize with your situation where we are pressuring you to get this done as quickly as possible, and then we are pointing the finger at procurement acquisition failures and that sort of thing. So you have got a lot of proposals coming in, and you have got to weigh them and make sure you are making the right decision. I would appreciate it if you would update me personally and I think the committee as a whole because, you know, we get asked about this issue a lot when we go back home. I think if I can give my constituents and others on the committee a more positive outlook that that would be good. Because I think the current impression with a lot of the American people is that there is no security at all down there. That is, in fact, not the case. You and I know that. But the more updates you can give me, the more I can be a messenger that we are actually moving forward. So I would appreciate that. With that, I now recognize the Ranking Member. Mr. Keating. Thank you, Mr. Chairman. Mr. Hutton, in your remarks, you mentioned one of the difficulties being funding instability. Do you want to give me some more detail about exactly what you meant with that? Mr. Hutton. Sure. One of our questions in the survey was to have the program offices point out what the challenges were in executing their programs. Funding instability was one of the big ones, and we asked them to provide a sense of what are the various reasons for the funding instability? Just to give you an example--and I have seen this in the context of some of the Coast Guard programs that I am responsible for--is that you may get funding instability in the out-years for your particular program because of another program's funding needs. So what happens with--every year, as they go through the budget and each of the program offices, if they don't have an acquisition program baseline, hopefully they will get one, but also a good sense of their cost estimates. There is a certain outyear funding flow of what they expect that they are going to get and how much they are going to get in that year so they can plan their acquisition, execute their acquisition. But if you are making like budget decisions every year and you are trying to make the numbers fit, sometimes there are some programs that won't be able to execute aspects or buy a particular asset in that particular year. So what might be happening in another program--say even within a component--may affect another program. But that was the largest reason that was given for decreased out-year funding. Several other things might involve--the actual life-cycle cost estimate at the start didn't really affect the true costs. So there we get back the knowledge. When you are going through the process, you want to--and it is not easy to come up with one early on. But you want to keep looking at it, keep refining it. But if you aren't starting with a good, complete life-cycle cost estimate, it is hard to have that prediction going through the execution. Don't forget, when the Department is deciding they are going to go ahead with an investment, they will be looking at things like, what are we getting? What capability gap is it going to fill? What kind of capability are we going to get? How much is it going to cost? If that is not firmly established and you don't have solid--as best you can at that point in time--good estimates, then who knows what is going to happen over the course of the development of that program? Because you have, as we do in the Department here, at least 70, 80 more major acquisitions that are all trying to execute their program. As we know, they are precious dollars. The Department's budget for procurement has roughly doubled, I think, since 2004, 2005. Well, I don't know what is the future for the Department, but I am not sure we would all take a bet on doubling it again for the next 5 years, given the current situation. So that is a concern from the standpoint of if you don't have good insights on your costs right now--and the Department is really trying to get a handle on that--it really raises questions in my mind at some point, do we have a good handle on all the programs we are buying? Are they even all collectively affordable? Once you start stretching out programs because of affordability, that naturally one-one consequence might be further cost growth. Mr. Keating. When they are deciding, did they do it in that risk-assessment-type format that they are going to have to pick within internal areas? Because---- Mr. Hutton. Well, you are pointing to a very good point, and maybe Mr. Borkowski might be able to talk with more detail of what happens within a component. But I think that is one of the issues that we pointed out in our 2008 report and we continue to point out. That is why you need this information. Within a component, they might be able to have a good understanding of kind of their different programs, but who at the Department level in the absence of information is going to really be able to play off all of these different acquisitions that are trying to affect a capability gap in all these different missions? In the absence of that information, I am not sure how well you can make those kinds of good trade-offs. So I think you are pointing to one of the biggest challenges. One thing that the Department is working on with their Integrated Investment Life Cycle is how to match the individual decisions we are making at program levels to the broader Department needs and how they are addressing their overall capability gaps. Mr. Keating. Did you want to comment on that, Mr. Borkowski? Mr. Borkowski. Certainly, sir. When we go to--and this is why the Integrated Life Cycle Management is so important. Because when we go to a--and the development of that and the maturation and rhythm of it. When we go to a decision about allowing an acquisition to proceed, we look at what we think that acquisition will cost and we look at projections of the budget in the out-years, and we make decisions based on that point in time. After that decision is made, those budget assumptions change. There is not something in the acquisition decision process that forces a reconsideration of the decision based on that. It is at this point very much dependent on program managers who, by the way, we still need to train. So the Department response to that is to establish this integrated life-cycle management so that budget decisions are linked--they are not handled independently and the interactions between them are considered. We are not all the way there yet. But that is one of the reasons we need that initiative. In the mean time, all that I can do as a CAE is watch the program managers and make sure that as I identify those issues, that I raise them as appropriate. For example, we are about to do that with the integrated fixed towers. There are budget changes since we approved that program. We will bring that back to the Department. Mr. Keating. Great. Mr. Nayak--it is interesting, Mr. Nayak said he was going to move to Massachusetts, not Texas. Mr. Nayak. I was born in Massachusetts. Mr. Keating. Mr. Nayak, you mentioned, too, the need for resources in procurement itself. Do you want to be specific on that so I know exactly what you mean? Mr. Nayak. Yes. So a little bit less than 2 years ago, I arrived at the Department. One of the first things you want to get your hands around is, okay, what is in the contracting workforce? Well, at DHS, it is about 1,453 contracting people, and they are holding up $14 billion worth of contracts, 100,000 contract actions. Just a little bit more about the environment. The predominance of buying happens in the second half of the fiscal year. It is a tremendous lift for that many people. So we have set in motion an initiative to create a staffing model using workload data to see how many contracting people--and contracting being one sliver of the acquisition workforce. We have spent a lot of this hearing talking about the program management side of acquisition. In any event, the model shows us that--and very clearly shows us that we do need more resources to get done what we are doing. At the same time, look, we understand the fiscal environment. We understand where it possibly could go to. What are we doing within our lane even though we are armed with this information and would work with the committee and everybody else to one day possibly get more resources? We just have a very clear way of leading in procurement. I have summarized it in a first-ever strategic plan where I have four priorities for all of the 1,453 contracting employees, and it has been communicated very clearly. Mr. Hutton alluded to it. It basically is this: Quality people. You have got to have good contracting people. Quality contracting. There is basically everything but the kitchen sink that we have to perform while we are trying to get a good deal for the American taxpayer. You had mentioned small business, strategic sourcing, buying green. There is just a number of other things that we have to measure. Quality program support. We are not in the business of just contracting at DHS. We are contracting support programs that protect the country. The last one is effective engagement with industry. If we are spending $14 billion, we need to engage industry early and often and even outside of the procurement process. I have four priorities, 30 initiatives, 66 metrics to actually see how we are doing in the contracting lane from year to year. I would be happy to share more of that with you. But, with respect to staffing, we know we need more people, and we have the data to prove it. Mr. Keating. This is a thought: People I have talked to in the private sector are talking a lot about using the Cloud and being able to be to communicate almost real-time, almost the way they are with social networking. Only it would seem to me, with so many programs and so many managers, that that kind of technology would be very cost-effective and effective at dealing with it, rather than waiting for a GAO report every couple of years or that kind of oversight. Something that is more live-time. Something that can be integrated that way. Is that something that you are considering? Because it is much more cost-effective, but it also has the ability to have everyone communicating with each other, so you know which programs might be having a problem and you can move--you are not waiting until, you know, periods of fiscal instability. You are not waiting for this. Are you considering that kind of technology? Mr. Nayak. Yeah. Thank you for the question, and I would love to explore it a little bit more with you to get a better understanding of what you are sharing. Certainly we are using social technology in a number of areas, all of us are, for specific reasons. If I think I am understanding your point, it would be to make sure that we all have the same information. If, in fact, that is the point, we almost have the tools now to do that. I am a big fan of it. I love the fact that, for the first time ever, I think we can, in the Department, with respect to our programs, be very transparent with Congress, with OMB, with our components, and at a Departmental level, because we know we are all in this together. So I would love to explore that a little further. Mr. Keating. Because I think that, as Mr. Borkowski was mentioning, too, don't be afraid of scrapping a program or going back to point one. Well, why wait that far down the continuum to make the decision? If you are communicating all the way through, you may not have to wait until that point to say, I will have to start this from the beginning. You will go at an earlier stage and can manage your resources. That was the thought behind that. Mr. Borkowski, on a human sense, we have had other hearings in our committee. One of the recurrent themes that we have had you have touched upon a little bit and that is the idea of preparing successors. You know, there seems, from the personnel standpoint, such a movement of people. You are dealing with program--you know, people looking at programming. One of the things you mentioned is the difficulty with those people and their training. What can be done? You know, in terms of changing the climate, I get a sense that that climate is changing. People are more attuned to preparing a successor after themselves. But could you comment? That seems to be something that has come up at other hearings as well. Mr. Borkowski. Yes, sir. Thank you for the opportunity, because that is a huge issue. We have big programs, and we have smaller programs. We spend a lot of time on the big programs, and those are the programs that generally need the more skilled people. When you don't have those skills, you try to train them. Well, frankly, this takes experience, and there is no substitute for experience. Now in the near term, things like the Decision Support Tool, which will lead to this Cloud kind of awareness you are talking about, and the Centers of Excellence help us augment and reinforce those people. The interesting thing is there are succession management plans. DHS has a wonderful internship program that has brought in some extremely qualified, talented new people, a very impressive program, very impressive people, people with masters degrees. They come in for a 3-year internship. DHS pays for them for 3 years, and then we bring them on-board. The other thing that I am finding, which is something that we need to tap into, those smaller programs that don't get attention, the so-called level 3 programs which even Dr. Nayak may not get good insight into. We are starting to review those at my level. What I am seeing there is, that is the bench strength, right? Those are the people that will become the level 1 and level 2 program managers. In the past, we haven't been very conspicuous about that. We haven't thought about that. Those are people who kind of accidentally got appointed. The program is fairly small, but they are fairly talented. We now have the ability to talk with those people, to watch those people, to mentor those people so that we can grow a pipeline of program managers from our own bench strength. So there is a lot going on in that regard. The Centers of Excellence give us immediate reinforcement. The governance structure we have put in place gives managers a better way of assessing whether the big program managers are in place. The DHS intern program is wonderful and is bringing in wonderfully talented people. Our own bench strength that we haven't recognized in the past, this process allows us to capture. Mr. Keating. Those internship programs are done with academic institutions? Mr. Nayak. Actually, what happens is it is a competitive program. People apply for it. So they have generally graduated. This is their first employment, in many cases. Some of them have other experiences. But it is an extremely competitive program. It is wonderful, by the way, to see these talented people who are taking positions in the Federal civil service starting at a relatively low grade, frankly, compared to their degrees and experiences. With 3 years, they get promoted automatically up to the GS-12 level, and they are noncompetitively eligible to go to GS-13. So it is a wonderful program. But it is not with academic. It is our own program that DHS has created, and it is a wonderful program. Mr. Nayak. If you don't mind, I will just add to that, because I actually own the program. We have 166 participants in the program, and I really appreciate Mark's enthusiasm and support. Because it really is one of these One DHS things that we are doing. I hire the 166. They have a 3-year rotational program, solid training. Frankly, we are understating what we do in terms of training our people, although I do 100 percent agree with Mark. In order to get the skill, you need experience. You need knowledge and skill. But, for instance, in the Government, OMB essentially says for the acquisition workforce you have got to have a certification program for your contracting people, for your program managers, and what we call your contracting officers representatives. We have gone beyond that at DHS. We have got cost estimating certification systems, engineering test and evaluation, life-cycle logistics. All of these certifications are available, actually, to all members of the DHS acquisition workforce. But certainly the 166 that we have now in what we call our acquisition professional career program have access to that. Yeah, it really is second to none, at least in the civilian side of Government. Mr. Keating. Great. Mr. Hutton. Mr. Hutton. Thank you, Mr. Keating. I just wanted to kind of add on to the points made and also build on a question I think the Chairman had earlier about, you know, why has it been difficult for the execution? I think resources was one of the points that I made. It is interesting to note, in our report, we highlight seven of the main key initiatives that we see that the Department is trying to undertake; and, by my count, there are about five that I would say get at the resource issue. One has to do with the acquisition workforce development, as we have been talking here. One is the program management core. We were just talking earlier about the other--not just the contracting people but the people that have the technical skill to support a program office. That is one area where I believe, as we conducted our work, the Department at that time identified about 150 positions that were at a critical level. I think the Centers of Excellence, as Mr. Borkowski and Dr. Nayak have mentioned, is another way to leverage in the knowledge and skills they have, but they are trying to make that available to others, as well as the component acquisition executive structure. But for each of those initiatives, the point we made out was--and, as I said earlier, you know, going forward, they are pragmatic, they make sense. But for each of them I think we still identified one of the questions is the capacity to execute those initiatives and have the resources do it. But I do think they are targeting some of the areas that you raised the question, sir. Mr. Keating. Okay. Great. With that, I yield back my time. Thank you. Mr. McCaul. I thank the Ranking Member. I want to also pick up on a point that the Ranking Member made about, you know, the idea of an IT Cloud, a private Cloud with--and this is like a giant merger--as you know, 22 different companies essentially. In the House, we have a private IT Cloud, and there are some cybersecurity issues. I think actually it strengthens that. So I think that would just make imminent sense for the Department to, in the near future, move towards the idea-- because I think that would help facilitate the integration and the One DHS policy that you have. So, with that, just let me say that I think this has been a very productive discussion. I think the Department has made progress. I look forward to--hopefully next year--this committee hearing even better things. But you certainly have your work cut out for you and a big challenge ahead of you, and we want to work with you to help you in that. So, with that, this committee now stands adjourned. [Whereupon, at 10:20 a.m., the subcommittee was adjourned.] A P P E N D I X ---------- Question From Chairman Michael T. McCaul for John Hutton Question 1a. One of the Department's key oversight tools is its Program Accountability and Risk Management (PARM) office. Based on your assessment, what impact has PARM had in improving acquisition outcomes and requiring programs to adhere to DHS acquisition policy? Question 1b. Is the taxpayer receiving a decent return on its investment in PARM? Answer. In November 2008, we reported that DHS invested billions in major programs without providing appropriate oversight. Specifically, we found that staffing had not been sufficient to review investments in a timely manner and recommended that DHS identify and align sufficient management resources to implement timely oversight reviews throughout the investment life cycle. In response, DHS established the Acquisition Program Management Division and a Cost Analysis Division, and stated it would eventually increase staff for these offices to a total of 58 personnel. In 2011, DHS combined the two divisions and established the Office of Program Accountability and Risk Management (PARM), with responsibility for DHS's overall acquisition governance process. In February 2012, PARM officials told us that they had 46 positions available, and expected to gain another 10 positions during fiscal year 2012. PARM officials also told us that they had enough resources to hold oversight reviews when components request them. DHS has elevated PARM to report directly to the under secretary for management. We believe the recent steps taken will help position DHS to implement its knowledge-based acquisition policy more consistently in the future and reduce the risk that major acquisitions will perform poorly. Our survey of program managers conducted from January to March 2012 found that program officials valued PARM's services. Seventy-five percent of survey respondents (49 of 65) reported that they used PARM or its predecessor office as a resource; and of this group, 94 percent found the support to be somewhat to very useful. Further, we are encouraged that PARM officials have told us they would no longer advance programs through the acquisition life cycle until DHS leadership verified the programs had developed critical knowledge. However, our September 2012 report shows that PARM and DHS must overcome significant challenges moving forward. For example, one of the PARM initiatives during fiscal year 2011 was to attain Department-level approval of acquisition program baselines for 19 high-priority programs. However, we found that only 8 of the 19 programs had current, Department-approved baselines as of September 2012. In addition, nearly all the program managers we surveyed reported their programs had experienced funding instability, faced workforce shortfalls, or changed planned capabilities after initiation, which increased the risk of poor outcomes. In fact, nearly 60 percent of the programs experienced cost growth, schedule slips, or both. If PARM and DHS are to address the Department's acquisition management challenges and succeed in the long run, top leadership commitment and sustained implementation of its knowledge-based acquisition policy will be critical. Question From Ranking Member William R. Keating for John Hutton Question. We all know the Department is an operational agency with a significant, real-time mission, with threats that are on-going and ever-changing. In this context, please discuss the balance that should be struck between fielding new capabilities and ensuring that taxpayer dollars are spent in an effective manner. Answer. DHS has a diverse, critical, and challenging mission that requires it to respond to an ever-evolving range of threats. Given this mission, it is important DHS maintain an agile and flexible management approach in its day-to-day operations. However, DHS must adopt a more disciplined and systematic approach for managing its major investments, which are intended to help meet critical needs. DHS has taken some steps to improve investment management, but most of its major acquisition programs continue to cost more than expected, take longer to deploy than planned, or deliver less capability than promised. These outcomes are largely the result of DHS's lack of adherence to key knowledge-based program management practices, even though many are reflected in the Department's own acquisition policy. The urgency of DHS's operational needs has been a factor in how the Department has implemented its acquisition policy. DHS acquisition policy establishes several key program-management practices through document requirements, which are intended to provide critical knowledge needed to support effective decision making. However, PARM officials explained that DHS has permitted programs to advance without Department-approved acquisition documents because DHS had an operational need for the promised capabilities, but the Department could not approve the documents in a timely manner. In 2008 and 2010, we reported that several programs were permitted to proceed with acquisition activities on the condition they complete key action items in the future, but PARM officials told us that many of these action items were not addressed in a timely manner.\1\ --------------------------------------------------------------------------- \1\ GAO, Department of Homeland Security: Billions Invested in Major Programs Lack Appropriate Oversight, GAO-09-29 (Washington, DC: November 18, 2008); Department of Homeland Security: Assessments of Selected Complex Acquisitions, GAO-10-588SP (Washington, DC: June 30, 2010). --------------------------------------------------------------------------- We understand that there will be instances when it may be appropriate for DHS to pursue certain capabilities in an accelerated manner; however, we believe that those instances should be more by exception than the rule. It is essential that DHS take a more disciplined acquisition management approach moving forward, particularly as the Department must adjust to a period of Government- wide funding constraints. Without greater discipline, decisionmakers will continue to lack critical information and the Department will likely continue to pay more than expected for less capability than promised, which will ultimately hinder DHS's day-to-day operations and its ability to execute its mission. Further, Congress's ability to assess DHS funding requests and conduct oversight will remain limited. Questions From Chairman Michael T. McCaul for Nick Nayak Question 1a. According to GAO's work, DHS acquisition programs continue to produce unreliable cost estimates. What steps, if any, is the Department taking to contain and prevent cost growth in its major acquisition programs? Question 1b. How is DHS improving its cost estimates to make them more reliable? Answer. Over the past 3\1/2\ years, DHS has strengthened its policy for approving and managing acquisition programs. In an effort to contain and prevent cost growth in our major acquisition programs, DHS has instituted a variety of measures to ensure efficiency and mitigate risk. In 2010, DHS implemented Acquisition Management Directive (MD) 102-01, which requires components to demonstrate appropriate planning in order to receive approval for an acquisition. To ensure program managers are executing within cost and schedule parameters and to prevent potential cost growth, every program is required to receive approval from the Acquisition Review Board (ARB) before proceeding to the next phase of the acquisition life cycle, such as moving from development to production. A key responsibility of the ARB is to systematically review major acquisitions to ensure the program has instituted adequate programmatic risk mitigation strategies. In addition to ARB reviews at major milestones, DHS actively tracks and measures actual program performance via monthly reporting and oversight mechanisms such as the Comprehensive Acquisition Status Report, Quarterly Program Accountability Report, and Exhibit 300. This oversight provides an early alert to potential problems, such as cost growth or requirements creep, and, as a result, the Department can take corrective action by engaging the component or program. As a result of these oversight processes, the under secretary for management (USM) is able to direct improvements to inadequate program plans before allowing them to proceed. One specific example is the U.S. Immigration and Customs Enforcement (ICE) TECS Modernization program. As a result of a regular ARB program review, the USM halted the program and directed the ICE to re-baseline and effectively scope requirements. This ARB-directed pause for rebaselining resulted in a cost avoidance of roughly $46 million in operations and maintenance over the previous cost estimate. By the consistent application of policy and governance through the regular ARB review process, DHS has institutionalized a repeatable acquisition discipline. The result is better-performing programs and more reliable diagnostics to monitor decisions or actions that may lead to unplanned cost growth. The Department has implemented several improvements to the quality and reliability of the cost estimating discipline across DHS. In 2011, the USM established the Cost Estimating & Analysis Center of Excellence (CE&A COE), through the Office of Program Accountability and Risk Management (PARM), to provide best practices and guidance for development of all cost estimates and cost analyses in the Department. The COE has identified and obtained best-in-class cost estimating tools and standardized operating models that have been disseminated to the components. By providing cost estimating subject matter expertise to assist DHS components and program managers, the number of DHS-approved Life Cycle Cost Estimates (LCCEs) has significantly increased over the last year which allows DHS to better articulate required funding needs and more effectively ascertain impacts to program scope should budget cuts be required. The COE has developed and implemented a LCCE scorecard to systematically analyze the quality of LCCEs based on best practices identified by the GAO. The TECS Modernization system, as evidenced in their rebaselining efforts, exemplifies the value of both the scorecard and COE support to develop a reliable LCCE. DHS has also increased the number of Level III Certified Cost Estimators by 50 percent. Level III, the highest level certification, represents a senior level mastery of the knowledge and skills associated with the complexities of cost estimating. DHS is institutionalizing the cost estimating discipline across the Department by embedding experienced certified cost estimators into major operational components via the CE&A COE. These cost estimators provide consistent application of GAO best practices and establish cost estimating standard operating procedures at the component level. In addition to the added focus on accountability, risk, and oversight through the establishment of PARM, the changes have significantly enhanced the maturity of the Department, particularly in this discipline. These tools and practices provide a robust foundation upon which to build a culture of cost estimation within DHS which, in turn, increases the reliability of cost estimates across the Department. Question 2a. GAO reported that frequently the original capabilities for a program are changed. This can lead to cost overruns and schedule delays down the road. In your view, how critical is it to keep capabilities stable? Question 2b. Does DHS prefer to use an incremental approach to acquiring capabilities (fielding needed capabilities in steps)? If so, what is the impact of changing capabilities midcourse? Answer. The Department acknowledges that major acquisition programs must be properly structured to maintain a stable set of requirements for capabilities, yet be flexible enough to adjust to changes. This is particularly important given the adaptive nature of America's adversaries and the limited predictability of natural disasters. Management Directive (MD) 102-01 establishes the Department's acquisition life-cycle framework. The Department does view capability definition as foundational in defining an acquisition program. Each step of the life-cycle framework builds on defining a mission need and capability gap. This standardized framework begins with a component or program defining their mission need and capability to be developed. The next phase builds on defining the capability definition by analyzing alternatives, cost, and defining operational requirements for a capability gap. Once an alternative for delivering a capability has been approved, then a program proceeds with acquiring that capability. This could result in leveraging an existing capability, expanding existing capability, or acquiring the capability. Each phase of the acquisition life cycle is systematically reviewed and approved by the Acquisition Review Board (ARB). At an early phase in the life cycle the program is reviewed by the ARB for formal approval as a program of record. At this point the ARB is looking to verify that the potential acquisition has sufficiently well-defined operational requirements, a preferred solution set that is balanced, effective, and achievable, a complete life-cycle cost for that solution set and complete acquisition and support plans. The aforementioned are documented in what is known as the Acquisition Program Baseline (APB). The APB establishes the baseline cost, schedule, and performance parameters for the program and related projects. In practical terms, the APB is the ``contract'' between the Acquisition Decision Authority (ADA) and the component on what will be delivered, how it will perform, when it will be delivered, and what it will cost. Should a program or project fail to meet any cost, schedule, or performance threshold in the APB the Program Manager must submit a remediation plan to the Department within 30 days explaining circumstances of the breach and proposing corrective action. Within 90 days of the breach the program should be either be back within approved APB parameters; undergo a re-baseline of the breached parameters and have a new APB approved or partake in a program review with the ADA to review any proposed baseline revisions and recommendations. In addition to establishing an APB early on in a program's life cycle the ARB also reviews the approach to delivering capability as described in the Acquisition Plan. Distinct capabilities require different approaches to delivering capability to support the mission need. The acquisition review process reviews each program's delivery approach, and when appropriate approves incremental delivery. Incremental delivery being defined as limited production releases. For example, the Department routinely fields domain awareness assets (e.g., ships and aircraft) on a limited production release basis. This approach for large complex domain capabilities allows the Department to reduce development and deployment risk (e.g., by refining requirements or increasing the maturity of technologies prior to full production). Another example where a limited release approach is being used within Department is for certain IT system development programs. The use of this acquisition approach for IT systems is guided by OMB Circular A- 11. In general, capabilities are acquired and developed in useable segments to minimize financial and operational risk. For its IT programs, the Department has adopted OMB's ``25 Point Plan to Reform Federal Information Technology Management.'' The Plan allows organizations to provide end-users with an early opportunity to influence the solution before the product is released (i.e., agile development). DHS will leverage agile development to shift investment decisions from an inefficient, inflexible choice among projects to the management of business benefit. For IT programs using this approach, capabilities are delivered as smaller and limited chunks of functionality. DHS has already realized benefits in risk and cost reduction, faster time to field, and better fit of IT systems to mission needs where this approach has been adopted. For IT projects, collaboration and use of agile methodologies allows for production-ready code at the completion of each iteration; unit testing in each iteration; and, openness to business partner feedback and reprioritization. One such success story at DHS is the U.S. Immigration and Customs Enforcement (ICE) Criminal Alien Identification Initiative (CAII). The CAII Program Office adopted an agile approach to Systems Development in 2011 and it has continued to mature its development practices. The CAII Program Office has been successful in shortening the ``time to market'' for releases (time-boxed releases) and has reduced overall program development cost and schedule variances. The CAII Program Office uses small, highly skilled, and very efficient development teams that focus on developing working, production-worthy code. At any one time, the development teams are responsible for only a small number of documents, freeing up time for actual development. The Scrum Master, Information Technology Program Manager (ITPM), and Planning Team are responsible for mitigating any obstacles to efficient coding. As a result of these activities CAII has successfully delivered three ``major'' releases in a shortened time frame. With the agile approach, mistakes, when made, are smaller and benefits are realized sooner. CAII development was originally estimated to cost $60 million over 5 years. To date, 13 months and $5 million have been spent on CAII and the Program Office now projects a total cost of $12 million and completion within 2 years. No matter what delivery approach a program recommends, the ARB process has defined milestones to evaluate whether proper program planning has occurred to effectively deliver necessary capability. In the event of new circumstances (e.g., new threat, disaster, etc.), the ARB will conduct reviews to re-evaluate the program and make changes needed to improve the probability of capability delivery. This was the case for the USCIS Transformation program, where the approach approved in fiscal year 2010 did not result in capability delivery. The revised strategy required the program to use an agile development approach with smaller and more frequent capability delivery. Currently, the program has delivered more capability within the last year than in the previous 4 years combined. Further, the availability of improved data allows for greater ability to identify risks and resolve them before they become issues. This is accomplished through the Decision Support Tool (DST) which provides cost/schedule/performance data for senior decision makers. The DST serves as an early warning or trigger mechanism. Question From Ranking Member William R. Keating for Nick Nayak Question. How are the Centers of Excellence and the Decision Support Tool making an impact on the implementation of acquisition policy and procedures at the component level? Answer. In the past year, eight COEs have been established to reduce risk and improve program performance by supporting programs throughout their life cycle. To reduce risk, each COE reinforces compliance with the Department's acquisition policy by providing expert counsel and training to components. The COEs also develop clear, plain language guidance on how to execute and institutionalize DHS acquisition policy within the component. In fiscal year 2012, the Cost Estimating and Analysis Center of Excellence (CE&A COE) worked collaboratively with the U.S. Immigrations and Customs Enforcement (ICE) to develop and deploy nine training modules on cost estimating based on GAO best practices. This training has inspired ICE to develop and implement a Cost Estimating toolkit to aid its program managers with developing Life Cycle Cost Estimates which further institutionalizes the cost estimating discipline within ICE. The DST, taking information from the Department's source systems, is recognized as the principal program reporting tool across the Department. It provides essential information to the ARB and other decision makers throughout the life cycle of major acquisitions. In the past 2 years, component participation has increased from 39 percent to 97 percent. Components such as TSA, ICE, and USCG are augmenting their governance procedures by using reports generated from the DST to inform their internal reviews and governance activities. The use of the DST within the components promotes the integration of critical business information into operational activities and decision making. The DST has also proven to be an effective tool for increasing the accuracy and timeliness of major acquisition program data to track performance and inform decisions by the ARB. Additionally, the CE&A COE has worked with DHS Program Analysis and Evaluation (PA&E) to develop policy that requires Component Senior Financial Officers to certify the accuracy of key financial information, including program execution, budget, and out-year funding information. Program managers must validate that their program is fully resourced throughout the 5-year resource plan. If the acquisition is not fully resourced, the component must identify the trade-offs necessary to fund the acquisition within existing resources). Part of the trade-off analysis examines the impact of reducing performance or schedule to make the acquisition affordable. Questions From Chairman Michael T. McCaul for Karen Shelton Waters Question 1a. Earlier this year, GAO reported that TSA did not fully follow DHS acquisition policies when acquiring Advanced Imaging Technology--commonly referred to as full-body scanners that identify objects or anomalies on the outside of the body--which resulted in DHS approving deployment of AIT without fully knowing TSA's revised specifications. GAO also said that TSA failed to receive approval from DHS on how it would test AIT machines before deployment began. Why did TSA circumvent the Department on AIT? Answer. The Transportation Security Administration (TSA) did not circumvent the Department of Homeland Security (DHS), or its policies, on Advanced Imaging Technology (AIT). DHS Acquisition Management Directive 102-01 provides the overall policy and structure for acquisition management within DHS, the DHS Acquisition Lifecycle Review Framework, and additional management procedures and responsibilities that augment existing policies, regulations, and statutes that govern the procurement and contracting aspects of acquisition. Directive 102- 01 was issued as an interim policy in November 2008. By September 2009, implementation of the requirements of Directive 102-01 interim policy was still immature both at the Department and TSA, to include the process for requirements change notifications to acquisition management authorities. As a result, TSA did not document or process the notification, mentioning the change verbally at the DHS Acquisition Review Board in September 2009. Test and Evaluation Directive 026-06 prescribes implementing policies and procedures and assigns responsibilities for Test and Evaluation activities to be performed throughout the system acquisition process. Regarding the GAO finding that TSA failed to receive approval from DHS on the AIT test plan, the Test and Evaluation Directive 026-06 that required this approval was signed in May 2009, and since planned testing was already under way at this time, TSA was unable to delay the project without major ramifications occurring. Question 1b. What impact did this decision have on the capabilities of these machines? Answer. The failure to go through the formal requirements change process did not affect the capabilities of the Advanced Imaging Technology (AIT). Typically, acquisition authorities at DHS do not determine what the requirements should be, because they are not the operational experts. Instead, these authorities are primarily concerned about requirements being properly stated, coordinated with the right people, and validated before significant investment is made in pursuing a system that meets them. Threats to aviation are dynamic and constantly evolving to include non-metallic threat objects and liquids (for example, explosives) carried on persons. AITs offer a significant increase in detection capabilities for non-metallic threats previously not mitigated by walk-through metal detectors and provide the best opportunity for mitigating these threats, as well as balancing security effectiveness, operational efficiency, throughput, passenger satisfaction, and privacy. Question 1c. Has TSA taken steps to ensure this does not occur in the future? Answer. TSA's internal acquisition processes and workforce are in alignment with DHS policy. TSA fully complies with DHS acquisition policy and ensures Program Management Offices adhere to the processes, ensuring compliance with the letter and intent. Numerous TSA Acquisition Review Boards, continual reviews of key acquisition management documents, and continual coordination internally in TSA and externally with DHS provide management controls and adequate oversight. Question 2. Is DHS's acquisition policy achievable? How could the Department better ensure programs at the component-level adhere to the policy? Answer. Yes, the Department of Homeland Security's (DHS) acquisition policy is reasonable and achievable. In the past 4 years, the Transportation Security Administration (TSA) has made great strides towards understanding and implementing the DHS's acquisition policy, and adequate governance processes are in place. In addition, DHS and TSA derive significant benefit from an increase of qualified acquisition personnel assigned within the governance offices. Question 3. What steps has TSA taken to ensure a failure like the puffer machines does not occur in the future? Answer. As noted previously, improvements in compliance and overall maturation in the areas of acquisition management, requirements generation, and testing and evaluation will help ensure that quality products are delivered to the field to support the Transportation Security Administration's (TSA) aviation security mission. In particular, the TSA follows a robust test and evaluation process for all of its technology procurements. This includes both developmental/ technical testing--and operational testing in the field environment, to ensure all checkpoint screening technologies are assessed as to operational effectiveness and suitability prior to full rate production decisions or wide-scale use--in airport settings. TSA also conducts additional testing activities at its TSA Systems Integration Facility (TSIF), which began operations in January 2009. TSA designed the TSIF to serve as a simulated, but representative, operational environment in which to test and evaluate security technologies without interfering with airport operations. This capability did not exist when TSA purchased the puffer machines, which went from laboratory testing to field deployment. Additionally, in 2009, the Department of Homeland Security issued Management Test and Evaluation Directive 026-06 to prescribe implementing policies and procedures and assigns responsibilities for Test and Evaluation activities to be performed throughout the system acquisition process. Management Directive 026-06 also establishes DHS oversight of components. The TSA Passenger Screening Program strictly adheres to this policy in its program execution and follows the processes defined within it. The elements within the test planning and execution process ensure that operational tests and evaluations have been successfully completed before deploying checkpoint screening technologies to airport checkpoints. Question From Ranking Member William R. Keating for Karen Shelton Waters Question. To date, how many programs have moved through the review and approval process under the Program Accountability and Risk Management Office? What are the dollar thresholds for these programs? Answer. The Transportation Security Administration (TSA) has 11 major acquisition programs with the Department of Homeland Security (DHS)'s Program Accountability and Risk Management (PARM) oversight. Four programs have completed the TSA acquisition process and portions of the DHS PARM acquisition review process. Seven programs were in full operational sustainment prior to the initiation of the DHS Acquisition Management Directive 102-01-001 acquisition policy, and therefore, have not been through the DHS PARM process. Acquisition Management Directive 102-01-001 are instructions which complement Acquisition Management Directive 102-01. Acquisition Management Directive 102-01 provides the overall policy and structure for acquisition management within DHS, the DHS Acquisition Lifecycle Review Framework, and additional management procedures and responsibilities that augment existing policies, regulations, and statutes that govern the procurement and contracting aspects of acquisition. However, these programs have undergone reviews as part of the DHS Portfolio Review process, internal program status assessments, and Office of Management and Budget Exhibit 300 preparation, review, and submission. As these programs initiate actions or initiatives that make it appropriate to do so, the TSA Component Acquisition Executive will engage with PARM to arrange for the appropriate reviews to take place. All of these 11 major TSA acquisition programs have been determined to meet the Directive 102-01-001 criteria identifying them as Level 1 & 2 programs. (Note: Level 1 = Life Cycle Cost at or above $1 billion, Level 2 = Lifecycle Cost $300 million or more, but less than $1 billion). Question From Ranking Member William R. Keating for Mark Borkowski Question. How is the Office of Technology and Innovation, which you created, working to ensure that CBP personnel understand the Department's management integration initiatives and their roles in implementing procurement procedures? What types of outreach and training for staff are being offered? Answer. U.S. Customs and Border Protection's (CBP) philosophy espouses that acquisition (e.g., from cradle to grave) governance requires cooperation and participation among the Component Acquisition Executive (CAE), Chief Information Officer (CIO), and Head of Contracting Activity (HCA). Though each has defined roles and responsibilities unique to their respective positions, each recognizes the need for, and enforces collaboration in acquisition program governance. In keeping with the philosophy of cooperation and participation for acquisition governance, CBP's Program Lifecycle Process (PLP) Guide was signed by Mr. Armstrong, CIO; Mr. Gunderson, HCA; and Mr. Borkowski, CAE on Friday, March 30, 2012. The Program Lifecycle Process (PLP) Guide presents a unified governance process for all CBP programs and implements the DHS acquisition policy directive, D-102 within CBP. All programs and projects (including capital assets and enterprise services) are managed through a consistent governance process that allows leadership to make informed decisions about where money is being invested and what is being acquired. Efficient governance processes allow Program Managers (PMs) to maximize program success, navigate governance processes, and deliver much-needed capability to end-users. To this end, the CBP PLP Guide integrates investment, acquisition, enterprise architecture, and systems engineering governance to the fullest extent possible. CBP policies implementing D-102 and defining roles and missions of acquisition stakeholders, melding of enterprise architecture and Systems Engineering Life Cycle (SELC) gate reviews, and CBP life-cycle logistics have been drafted and are currently in review. OTIA and CBP have developed a governance structure that simplifies and reduces the number of required program reviews while including participation and representation of functional and technical experts from across key CBP offices. Additionally, senior leaders in acquisition at the Department level are involved at critical decision events. A streamlined acquisition investment review board (IRB) has been defined, tailorable based on Acquisition Level of a specific program. CBP's acquisition triad has initiated twice-yearly acquisition reviews of all CBP programs with CAE/CIO/HCA and DHS Program Accountability and Risk Management (PARM) office participation. The CAE's support staff conducts quarterly program manager off-sites to share information, provide training, and strengthen the acquisition core. OTIA's Acquisition Guidance and Analysis Directorate (AGAD) offers training to individual program management offices, two of which have taken advantage of this training to strengthen their staffs and program expertise. CBP is moving away from short-sighted annual budget processes to long-term (multi-year) strategies for acquiring and supporting capabilities; establishing the framework for agency level prioritization of needs with solutions, with the first extensive bottoms-up build of Resource Allocation Plan (RAP) conducted for fiscal years 2014-2018. CBP is changing the organizational culture of submitting ill- prepared requirements to procurement. Using procurement tools such as Contract Performance and Reporting System (CPARS), helps improve vendor performance and responsiveness through accountability. The procurement function is an integral part of acquisition processes--including procurement actions early in the acquisition planning process. OTIA, in coordination with the HCA, established Contract Review Boards (CRBs) to effect early coordination of acquisition planning with commensurate procurement planning. As a proven best practice, implementation of the CRB throughout CBP is in progress. Top priorities are to increase quality and effectiveness of the acquisition workforce by supporting CBP's professional Acquisition Corps development. Current scope for Acquisition Workforce (AWF) improvement includes on-going Training & Development (T&D), support for DHS certification attainment, Continuous Learning (CL) achievement/ maintenance, piloting a Succession Planning & Talent Management process for Acquisition Program Management Office (PMO) staffing, designation of acquisition positions with flags in human resource systems, and correlation of Position Descriptions (PDs) properly classified to support hiring and retention of acquisition professionals to improve mission outcomes. OTIA's Acquisition Support Division manages acquisition and procurement-specific workshops conducted weekly using a portfolio of 1- hour introductory modules to provide just-in-time acquisition training in a continuous learning environment. OTIA's Acquisition Management Division is working jointly with Procurement to deliver ``Procurement 102'' training/workshops; building on next level from ``Procurement 101'' training developed/delivered beginning in fiscal year 2010; delivering over 50 classes Nation-wide to over a thousand CBP employees in fiscal year 2010 and fiscal year 2011. OTIA and Procurement jointly developed and began delivery of Procurement 102, providing 14 training sessions in fiscal year 2012, across the country, for program and procurement personnel to enhance planning and quality of procurement request packages. An ``Acquisition Planning'' workshop was presented this past week, which we are mapping to DHS MD102. CBP currently has 1,256 certified AWF professionals in all eight certification career disciplines, as detailed below. Two-hundred eighty-five Total CBP Acquisition Professional Certifications were processed in fiscal year 2012, and maintained 92.6% Total CBP Continuous Learning Achievement for 1,233 CBP AWF professions with DHS certification. ------------------------------------------------------------------------ DHS Certified Professionals DHS Certification Discipline (as of 9/4/ 2012 from FAITAS) ------------------------------------------------------------------------ Contracting Officer's Representative (COR).............. 737 Acquisition Program Manager (PM)........................ 318 Contracting Officer (CO)................................ 157 Life Cycle Logistics (LCL).............................. 16 Test & Evaluation (T&E)................................. 14 Program Financial Management (PFM)...................... 9 Systems Engineering (SE)................................ 5 Business Cost Estimating (BCE).......................... 0 ------------------------------------------------------------------------ OTIA will serve as the test bed and demonstration site for implementation. OTIA has identified Acquisition Workforce positions (task completed in fiscal year 2012) and will work with Human Resources (HR) in fiscal year 2013 to designate those positions in HR database systems in fiscal year 2013. Also in fiscal year 2013, position descriptions will be modified for acquisition positions, working closely with HR classification professionals to ensure accurate, definitive, and standardized position descriptions are matched to the designated acquisition positions. Hiring to those positions and identification of follow on training for continuous learning opportunities and career development will be a continuous process. Focus for fiscal year 2014 and fiscal year 2015 will be to share and flow applicable methodology of designating acquisition positions and use of standardized acquisition position descriptions to program offices outside of OTIA. Fiscal year 2016 and fiscal year 2017's priorities will be to share proven methodologies to CBP acquisition supporting offices outside of OTIA.